vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   My forum is under Hacking attack (https://vborg.vbsupport.ru/showthread.php?t=174303)

sdfaheem 03-27-2008 08:29 AM
My forum is under Hacking attack
 
Since morning today somebody is trying to hack my forum.
They are frequently modifying or deleting code from many php files.
My host has restored the forum twice but they are continuosly hacking the files.
please somebody help me at the earliest.

I chmod all the files to 644 and changed the names of admincp and modcp directories too.
I don't understand how to stop this ongoing attack.:confused:

Kalina 03-27-2008 08:40 AM
Did you try changing your ftp/web panel password?

sdfaheem 03-27-2008 08:42 AM
Quote:
Originally Posted by Kalina (Post 1475701)
Did you try changing your ftp/web panel password?
Yeah, i changed the passwords of my ftp as well as host control panel

Kalina 03-27-2008 08:49 AM
I hope your host is looking into securing the server or making sure it's secure, also, you should look at your raw access logs to see how and what they're doing.

sdfaheem 03-27-2008 09:07 AM
my host has restored the db thrice by now, changed all the master passwords.
i looked at raw access logs but didn't find anything suspicious, may be i couldn't locate it as its new for me

Dismounted 03-27-2008 09:19 AM
Are you only running vBulletin?

Kalina 03-27-2008 09:25 AM
And what plugins, if any, do you have installed?

Marco van Herwaarden 03-27-2008 10:14 AM
Is this a dedicated or a shared server?

90% chance that they are hacking you on the server level. Restoring your own files and database will not close such a vulnerability and probably only your host can do so. I would put a bit of pressure on your host and ensure that they close any vulnerabilities before even trying to restore anything.

sdfaheem 03-27-2008 05:15 PM
Quote:
Originally Posted by Marco van Herwaarden (Post 1475747)
Is this a dedicated or a shared server?

90% chance that they are hacking you on the server level. Restoring your own files and database will not close such a vulnerability and probably only your host can do so. I would put a bit of pressure on your host and ensure that they close any vulnerabilities before even trying to restore anything.
Its a reseller account Marco.
And now i see that all the sites which are hosted on this host are down, i mean other client's sites, may be the server is under attack or might be they shut it off to prevent further hacking attempts. Don't know whats going on but i am really pissed off.

BTW, What do you think of Yahoo small business hosting? They provide unlimited bandwidth usage, and my forum averages 30 GB of bandwidth per month. I now feel that i should try out another host?
Please suggest me a reliable and affordable (cheap) host.

Regards

Marco van Herwaarden 03-27-2008 06:02 PM
If all sites on that host are down, then it only confirms my guess that your site was hacked on a server level. Sounds like a host who has no (good) control over their security.

Try another host? I would not be very confident to stay with the same host after such thing happened, but also depending on how they react to a situation like this, how long it will take them to get things sorted, if they can give some degree of garantee that vulnerabilities have been closed, etc...

I can not suggest any specific host, but there is no such thing as "unlimited", for me a claim like that put up red flags.


All times are GMT. The time now is 10:37 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01047 seconds
  • Memory Usage 1,728KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete