|
:facepalm:
|
Okay so let's just sum up the ways how this could of happened:
- Someone got root access on the shared server and decided to mess up a bunch of sites. - Someone found a malicious vBulletin plugin (or a backdoored plugin) and abused this to gain access to execute commands. - OP had his FTP/CPanel information stolen somehow. (Which is not likely unless OP has a virus/malware.) Also even if they had access to the database information, they can't do anything with it unless: the host has a public listening MySQL server, a public reachable PHPMyAdmin installation or if they had access to creating PHP files. Were the access logs checked by the way? Regardless, my advice is to move host asap. Once you lose trust in your host, you should save yourself the trouble and move. |
^ I've reviewed his reviews on exploits and other via his blog so head his advice, Dave actually knows his stuff. The rest of you geesh, argue your rears off within reason :p.
|
That would be a good call, Dave does know his security stuff. :)
|
I don't really care about your advice although I appreciate your time to chip in.
It came before: the product, vBulletin has to be a product serviceable by a user. Not by the boffins. That is why I bought it. But appears not to be the case. The trivialities recommended here are laughable, all the advice. Furthermore, so called "Experts" advocating open text paswords, is it not a degeneration of the humanity? Anyone off the street could tell you open text password is a stupidity, still, here, VB coders and developers are scolding me for sayin just that. BTW, my humble site is working well, after I have reinstalled it and not listened to anything said in this tread. Until someone is pleased to hack it. |
If you don't want people's advice, then why post? You seem to know it all, so no need to waste people's time replying to you when you tell them you don't care about the advice given.
|
I guess you know better than all of us who have been using it for years. Good luck.
|
Quote:
But I bought a product that goes a victim to anyone who wants to hack it. Just when they want. Then I need someone (outside of vB) to help me. That is not a product, that is rubbish. Still talking VB4. Not VB 5. |
If that was the case, every vB site in the web would be hacked, not just yours.
|
And they are, the world over, every day.
Those who don't know what to say, retreat to Database injections. Really, how could that happen? It might, but the database is not vBs property, neither mine on the my site provider. Is it a mystery that covers up blatant security holes within the vB? Like by vB coders and developers much loved open for all plain data base password? What they might not know, entering the SQL code of the providers' database would affect not only one site. That could have happened to me and I don't know about others. Hence your advice (if you have guts, go back and read them) were useless. |
| All times are GMT. The time now is 09:34 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|