|
Secure database?
We had a admin flip out on us. She deleted a bunch of stuff to our board, and we have gotten all that back. I have a weird feeling that she can still get in our database and need to know what steps I should take to make sure that she can't get in anymore. Can anyone tell me what the first step I should take to make sure that our database is secure?
And I know this is going to sounds kinda out there- but she made a new board has the same software and everything that we do. Is there anyway she could be somehow connected or mirroring us? Everytime we're down, her board goes down to. I didn't know if that was possible, so I though I would just ask the people who might know. |
Change out all the database connection information in your /includes/config.php file, if you use cPanel (or its equivalent) and she had access to that, change the password, etc.
|
I changed all of these in the config file.. Is there anything else in the config file that might need to be changed or is this it? I have also changed the Cpanel passwords.
master database username and password. USERS WITH ADMIN LOG VIEWING PERMISSIONS USERS WITH ADMIN LOG PRUNING PERMISSIONS USERS WITH QUERY RUNNING PERMISSIONS UNDELETABLE / UNALTERABLE USERS SUPER ADMINISTRATORS What should the next step be? Are there any htaccess passwords I need to change anywhere? I know this girl is sneaky, and want to make sure I cover all by bases. |
Did she have access to your FTP or cPanel before you changed out all the Passwords?
|
Yes, she had access to everything. She's the one that installed all the hacks, she ran the board. I'm just learning how to do this since she flipped out.
|
It's possible she may have modified any number of your core PHP files; you may want to consider re-uploading fresh copies of them from the vB.com Member's Area.
Keep in mind that in doing this, you could be undoing any modifications to files that may have been required for a modification to function properly. |
Oh my, sounds like something hard, but I have to make sure that she can't get in anymore. Can I just change the number of the core php files to what they are supposed to be? Or would it be easier to upload the fresh ones?
|
Sorry - change the number of the files? Not sure what you mean.
|
No, it's not you. It's me, sorry.
I thought you were talking about changing the numbers for the change file permissions. Hope I'm making sense. |
Oh, no, I'm not talking about the file permissions - I'm talking about the actual files themselves. If you go into your AdminCP -> Maintenance -> Diagnostics -> Suspect File Versions; you can see any files that aren't native to vBulletin or have been changed from their default form.
|
| All times are GMT. The time now is 01:19 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|