Thread: Urgent Help Needed : Site HAcked How?
View Single Post
  #3  
Old 11-27-2011, 04:37 PM
preemz10314 preemz10314 is offline
 
Join Date: Oct 2010
Posts: 189
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Disabling the plugin may work. A Shell is a trojan, a back door into your system. If your site is just being hosted thru a register then that could work just by deleting it. However, if you are hosting your forum on a VPS or your own dedicated server then he could have uploaded a shell somewhere else which could give him easy access into your domain. Contact your hosting and tell them to disable shell's from running. I am and change all of your passwords.

Also, edit your .htacess to only allow YOUR IP to hit the admincp and your moderaters (if they & you use use dynamic ips). There are tutorials on how to secure your forum around. And also, rename your admin and modcp folder to something else, and also edit them in the config.php to match. This is another form of security for your forum so by default, its yourforum/admincp it is a good idea to change that to something else. Sure a hacker could also crawl your site to try to find it, but naming it something incognito like say youforum.com/lmages (with a lower case L ) may throw them off.

Most of these SQL hackers do not know very much and just follow others tutorials. Without a deeper understanding of vbulletin itself they may be thrown off guard and move on.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01058 seconds
  • Memory Usage 1,760KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete