vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Secure your vBulletin board (https://vborg.vbsupport.ru/showthread.php?t=35346)

JamesUS 02-24-2002 10:29 AM

Don't worry - Chen has shown me and there is nothing to worry about. Your boards are secure :)

TECK 02-24-2002 10:37 AM

thanks james. i came to the same conclusion. after discussing with ptbyjason for over 5hrs (reinstated him as admin, upgraded to 222, secured the folder admin) we tried to track down every event the hacker did. the only flaw we saw was this:
a hacker admin can delete the logs and change his identity in admin panel. is there a way that VB could save all this info to a log file that cannot be 'cleaned'? in this way in the event a board is hacked, the info can be retrieved, IP, etc. let me know please.

Admin 02-24-2002 10:43 AM

You can protect the admin log and only allow certain admins, or none at all, to prune it. This is done from config.php.

TECK 02-24-2002 10:45 AM

i understand firefly. i was referring to the event a hacker could somehow gain access to your root.

TECK 02-24-2002 10:50 AM

for some reason, i still believe this was done from outside, not on the root. ptbyjason told me that all the hacker did was to show his hidden forums and delete the admin accounts and reinstate himself as admin. apparently, ptbyjason's site is very successful, he had his provider called and requested to have his site down by his competition. his site is:
http://www.anabolicreview.com

if the hacker had access to the root, he would delete the whole site, it is simpler and more efficient. what do you think?

JamesUS 02-24-2002 11:16 AM

It's quite unlikely it was done from the outside, unless an older version of vBulletin was being used. The hacker may have had a reason to only do certain things rather than trash the whole forum...but we certainly don't know of any security risks with the latest vBulletin.

One way to find out would be to look at the apache server logs to see if any vb scripts were exploited to gain access...it's not a sure-fire way of telling but if it was done from the outside it was likely to be through that.

Also make sure that only scripts running on the local server can access MySQL...that's a huge security risk if that isn't the case. Check that out with the host to make sure that couldn't have been what happened.
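
An added example, not part of the thread or of vBulletin: a small Python pass over Apache access-log lines, along the lines JamesUS suggests, that lists which client addresses reached the admin scripts and were not on a known-admin list. The log lines, the `/forum/admin/` prefix, the script names in the sample and the known-admin address are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache combined log format (not from the thread).
SAMPLE_LOG = """\
192.0.2.10 - - [23/Feb/2002:21:14:02 +0000] "GET /forum/index.php HTTP/1.0" 200 18230 "-" "Mozilla/4.0"
198.51.100.7 - - [23/Feb/2002:22:40:11 +0000] "GET /forum/admin/index.php HTTP/1.0" 200 4096 "-" "Mozilla/4.0"
198.51.100.7 - - [23/Feb/2002:22:41:55 +0000] "POST /forum/admin/user.php HTTP/1.0" 200 2210 "-" "Mozilla/4.0"
203.0.113.5 - - [23/Feb/2002:23:02:40 +0000] "GET /forum/admin/index.php HTTP/1.0" 401 401 "-" "Mozilla/4.0"
192.0.2.10 - - [24/Feb/2002:08:01:09 +0000] "POST /forum/admin/forum.php HTTP/1.0" 200 3120 "-" "Mozilla/4.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

ADMIN_PREFIX = "/forum/admin/"    # assumption: where the admin scripts live
KNOWN_ADMIN_IPS = {"192.0.2.10"}  # assumption: addresses the real admins use


def admin_requests_by_ip(log_text):
    """Group every request to the admin area by client address."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if path.startswith(ADMIN_PREFIX):
            hits[m["ip"]].append((m["ts"], m["method"], path, int(m["status"])))
    return dict(hits)


def unexpected_admin_clients(log_text, known=KNOWN_ADMIN_IPS):
    """Return {ip: requests} for admin-area clients not on the known list."""
    return {ip: reqs for ip, reqs in admin_requests_by_ip(log_text).items()
            if ip not in known}


if __name__ == "__main__":
    for ip, reqs in unexpected_admin_clients(SAMPLE_LOG).items():
        ok = sum(1 for r in reqs if 200 <= r[3] < 300)
        print(f"{ip}: {len(reqs)} admin requests, {ok} succeeded")
        for ts, method, path, status in reqs:
            print(f"  {ts} {method} {path} -> {status}")
```

Successful (2xx) admin requests from an address nobody recognises are the entries worth comparing against the time the admin accounts were changed.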

TECK 02-24-2002 11:32 AM

ptbyjason had 2.03 installed. i got him upgraded to 222. he downloaded himself the latest version from vb.com members area.
do you know if he opened a support ticket for this matter?

Wolf42 02-24-2002 01:03 PM

Quote:

Originally posted by PPN
Simplest way to do something like this is use

PHP Code:

// stop unless the script's translated path contains the document root
if(!strstr("$_SERVER[PATH_TRANSLATED]", "$_SERVER[DOCUMENT_ROOT]")) {
die();
}

Hhmmm....
If I add this on top of my config.php the only thing that happens is that it is shown in the header. :(

And this error will be shown:
Code:

if(!strstr("$_SERVER[PATH_TRANSLATED]", "$_SERVER[DOCUMENT_ROOT]")) { die(); }
Warning: Cannot add header information - headers already sent by (output started at /home/www/*****/forum/admin/config.php:5) in /home/www/*****/forum/admin/functions.php on line 1603

Sorry for editing the real Server-Path ;)

Scott MacVicar 02-24-2002 01:11 PM

this presumes you're running php 4.1.0 or greater

you'll need to use $HTTP_SERVER_VARS instead of $_SERVER

Scott MacVicar 02-24-2002 01:11 PM

em one question, you're adding this below the <? tags right?

