vb.org Archive - Major Issue

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - Major Issue (https://vborg.vbsupport.ru/showthread.php?t=191933)

Okay, earlier today before I left for work, my site had several apache messages pop up. I get home from work and try to log into my site and it says that I have the wrong password/username. Evedently any account that logs out, is now unable to log back in. All my users are getting the same "You've reached the password quota" message. So I'm assuming that once again, I've been hacked. Is there anyway that I can fix this problem asap?

this is related to the server, not the software... you will have to contact your host...

vb is just not all that secure. This is the second time this has happend. Right now it's escalated to the point where everyone is now IP banned and no one can even view the site. My server host's response:

Quote:

hi there

is this still an issue? your website is active / online working very fast for us using the firefox / seamonkey browser;

http://nationofhiphop.net/

-----------------------------------------
You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so
-----------------------------------

Most hacks occur due to insecure PHP scripts, some code may have entered your website by a vulnerability in your scripts, please update your scripts to the latest versions and change your accounts password.

please look at the following articles:

http://www.google.com/search?q=mysql+injection
http://en.wikipedia.org/wiki/Cross-site_scripting
http://www.google.com/search?q=php+s...ulnerabilities

regards

Whatever, guess there's nothing I can do as usual.

What is your setting for:

AdminCP -> vBulletin Options -> Server Settings and Optimization Options -> Session IP Octet Length Check

Thanks for response Marco but atm, I'm banned from my own site. Can't even access the admincp. But I guess if I decided to make another site which I'm not sure of now (I'm a target for hackers for some reason and have had several sites hacked) I could keep that in mind. Thanks.

Are you locked out from your site or the forum only?

If it is the site, the server and/or your server account got hacked. If you can still access the forum pages, but can't login, your forum has been hacked.

In order to assist we need to know where you need help ;)

I'm locked out of my forum as is every other member of the site. Any page you try to visit on the forum, it just says that you've been IP banned.

My host is terrible and took away my cpanel like 2 weeks ago. I've contacted them about it and they said the reason was because I didn't renew the domain name that they provided which imo is rather absurd. I said, alright, I'll renew the domain that I don't use in order to get my cpanel back. The sales team has still not let me gain access to my cpanel.

So byethost<<<

So this means you don't have even access to the database?

Well anyway this should do the job:

UPDATE setting SET value='0' WHERE varname='ipcheck' LIMIT 1;
UPDATE setting SET value='' WHERE varname='banip' LIMIT 1;

Please note that you may need to change also the datastore => options row, setting the above values accordingly.

Changing these values remove the IP ban, but the hacking damage may go further.

I have no clue what happened, but I just came home and went to my site and it's back. So this might have not been a hack job but rather my host just somehow messing up my site. But anyways, as always you guys are great and are willing to help. I appreciate it.

Quote:

Originally Posted by Memphis834@yaho (Post 1630818)

No, you're just not secure. vBulletin is only as secure as its admins/server.

I've been running vBulletin for over 3 years now, and never once been hacked.

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.00984 seconds Memory Usage 1,739KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (1)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: