vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   My Forum Has Been Breached (https://vborg.vbsupport.ru/showthread.php?t=215890)

Nadavy 06-11-2009 04:40 AM
My Forum Has Been Breached
 
So repeatedly over the past couple days, several of our admin accounts have logged onto the forum and started posting inappropriate comments and talking about how we have been hacked. They keep saying they are unstoppable.
We installed an ip block so that only a few of us can get into the admin panel.
Is there any sort of MOD that I can download that only allows certain IPs into certain accounts?
Any suggestions?! Help!

Attitude5ire 06-11-2009 05:36 AM
When you have more admin accounts..the risk of getting breached is also higher. You need to secure ur ACP more.
Firstly backup ur forum database just in case.
Password protect ur ACP using .htaccess password
Assign ur admin account strong passwords.
If they still keep getting breachd. just suspend them for a while and patch more areas. Also ask they to make sure they havent been hacked cos someone might have a keylogger installd in ur admin accounts.. so its hard to pin point but just suspend till u take all precautions.

Scotteh 06-11-2009 07:51 AM
in your home/public_html/forum there should be the admincp folder, in that there should be a .htaccess file.

Then you can add;

Order Deny,Allow
Deny from all
Allow from IPADDRESSOFADMIN1, IPADDRESSOFADMIN2

etc (use comma to seperate)

So it denies access to it from everyone apart from those specific IP's, however a vast amount of people have dynamic IP's now so it may be alot harder.

Nadavy 06-11-2009 08:02 PM
We installed an .htaccess thing.
So that stopped them from being able to do serious damage...
but they can still log onto the admin acounts =/

Anything else?

Wired1 06-11-2009 08:13 PM
Change the passwords to the database, and as Attitude5ire said, change the passwords of all admin / mod accounts. Do it from a secure computer, as one or more of the admins may have keyloggers on their computer.


All times are GMT. The time now is 03:28 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00902 seconds
  • Memory Usage 1,709KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (5)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete