Is this a possible hack??
 

I've just had a message prompt on my forum saying that my password is over 180days old and i need to create a new one.

I didn't want to go ahead with that incase its a possible hacker attempting to gain access to my current passwords.

Is there a way i can disable the password update for my account.

It seems strange to me that an admin needs to be prompted to update a password

That's default, you can disable it if needed, but its best to leave it for security reasons

The default was set to '0' for all over usergroups accept for admin. someone has definitely changed it.

I changed it back to '0' so it doesn't take effect and got back in ok.

Now it seems someone has tried to log into the admin panel as i've just tried and its telling me this message

https://vborg.vbsupport.ru/

If someone tried to login into the admin panel, you should definitely consider securing your admincp and/or changing the directory.

How do i do that?

I was talking about the admin account what group are you talking about

There are many ways:
- a .htaccess file in the admincp directory which has a list of allowed IP's.
- A mod like https://vborg.vbsupport.ru/showthread.php?t=312555
- Hardcoding an IP restriction in the index.php file of the admincp.

I would suggest this mod, https://vborg.vbsupport.ru/showthread.php?t=312555

No need to do it I'm the files.

Hey, your supposed to be recuperating man!:D

--------------- Added 23 Jul 2014 at 12:36 ---------------

I know you do this stuff alot but wow! You finally turned into files? lol

Great mod btw!

I also use the admin firewall which lets certain ips in. That combo is rock solid.

How do i locate the ip addresses for people who have accessed/tried to access and Admin CP?

Only problem restricting it to ip's is everyone needs a static ip not a dynamic one.

There might be a mod to log the ACP login attempts, you should search the mod section. You might be able to find the IP addresses in the access.log of your website though. Just look search for the string admincp in the access.log.

I know, but answering a few questions won't hurt besides, I miss helping. If I can help one or two people a day or a week with a quick answer it makes me feel I am not useless.

I hear you mate. You will be back to 100% soon. All the best!

The doctor said it normally takes 7 months to a year, but as mine was bad he said it might be closer to the year or a little over it, but it depends on many factors but I am not sure how much over a year it will be. My attack was bad some damage to the bottom of my heart this is why I went into the op a few hours after my attack. In 3 months I will be going to cardiac rehabilitation so not sure what will happen there this hope it helps will know more then

Lol that's what I get for typing on my phone.

No. 180 is default for Admin usergroup, it's the only ug this feature is activated by default. If you did not change it to 0 manually at some point (which I doubt, since you did not even know that setting), it is perfectly normal, and not a sign anyone hacking your forum.

Just browsed through this thread and saw this.

Hope you're all good there, mate.

Thanks for asking trying to take one day at a time and trying to be stress free. Here is the one I made two days ago if you have not seen it yet.