vb.org Archive
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Forum and Server Management (https://vborg.vbsupport.ru/forumdisplay.php?f=232)
-   -   HACKED - Make sure you are secure (https://vborg.vbsupport.ru/showthread.php?t=210273)

Dismounted 04-13-2009 04:37 AM
Quote:
Originally Posted by |Jordan| (Post 1789965)
Chown it as a different user other than root?
Ideally, a user just dedicated to PHP (with locked down permissions). Also have a look at upload_tmp_dir (you may want to change this as well, although it is not necessary).

Brother Malachi 04-20-2009 08:11 PM
Sorry for reviving this old thread but how can I know if my site is compromised?

tipoboy 04-20-2009 09:48 PM
Quote:
Originally Posted by hammerhead24 (Post 1795473)
Sorry for reviving this old thread but how can I know if my site is compromised?
usually if you keep your bulletin board up to date, your pretty safe

Dismounted 04-21-2009 09:17 AM
You don't really know until its too late. However, as mentioned above, keeping your software as up to day as possible will reduce this risk.

Brother Malachi 04-21-2009 11:33 PM
What about the tmp folder?

Dismounted 04-22-2009 06:55 AM
What about it? As long as you keep PHP's temp directory secured, you should be fine.

Brother Malachi 04-22-2009 08:19 PM
What I meant was how do I know if the /tmp/ folder is not secured?

TECK 05-01-2009 02:33 AM
Quote:
Originally Posted by |Jordan| (Post 1789425)
How do you secure the tmp dir ? chown it?
The hacker does not use a /tmp dir, to hack your forum. He takes advantage of your 0777 chmoded dirs in vB to screw you nice.
I posted this issue long time ago but people thought I'm crazy. I even wrote a tutorial on this site how to secure vB... Put it this way: You have a 0777 dir into your /var/www/html (or whatever is the web root)? You can be hacked, very easy.

Read this article I wrote long time ago... probably nobody read it.
Then secure the same way the curent 0777 dirs, not just the config file. Chmod them to 0750 and own them by nologinuser:root.

chloe101 07-27-2009 08:02 PM
Quote:
Originally Posted by TECK (Post 1802240)
The hacker does not use a /tmp dir, to hack your forum. He takes advantage of your 0777 chmoded dirs in vB to screw you nice.
I posted this issue long time ago but people thought I'm crazy. I even wrote a tutorial on this site how to secure vB... Put it this way: You have a 0777 dir into your /var/www/html (or whatever is the web root)? You can be hacked, very easy.

Read this article I wrote long time ago... probably nobody read it.
Then secure the same way the curent 0777 dirs, not just the config file. Chmod them to 0750 and own them by nologinuser:root.
Thank you!

knucklenitz 09-25-2009 04:20 AM
Teck-

Just to make sure I understand, moving the config.php to another directory out of the public html will not affect vb operation?

I was just hacked yesterday and confirmed that it was some sort of database insertion, based on that when I restored a backup database, the hack was cleared. I wasn't able to find any files with changed dates.

Is there some other way, other that the hacker breaking the config.php that they could manipulate the database?

Note that I also have htaccess on all pertinent directories.

Thanks!


All times are GMT. The time now is 02:13 PM.
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01017 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete