The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
Changing in config.php is enough. But - did you reinstalled everything and I really mean everything ?
If the machine has been "hacked" once, how can you ensure nothing has been modified and that you can trust an installed "security tool" any longer ? Do backups before of course |
#12
|
|||
|
|||
If there are modified files, like in your case the config.php, then the attacker most likely has not used vBulletin to enter your file system.
Most likely you are on a vulnerable server. Please contact your host and place a fresh copy of all files once your host has secured the server. |
#13
|
|||
|
|||
Hi to all
i have the same problem, It all started on the first of May i cleaned and restore everything to a month ego except the database and attachments (mainly photos, no programs or any code ) the problem keeps coming buck every 4 - 5 days all .php files are modified or some del, the first time it happened i also had the above code in all .php files. I contacted my host and they just keep giving me advice how to check and secure my code (VB in my case) and they do nothing, I also come to believe that the problem is host security problem, Do you think that if i change host (since they do not seem to accept that it is a host security problem and investigate they are doing nothing to help just polite talk and advices ) will My problems be over?? Ps. I know nothing about programing and .PHP Only how to upload and use VB (3 years experience) |
#14
|
||||
|
||||
Quote:
|
#15
|
|||
|
|||
Change all your passwords also. Hosting password, FTP password, Database password, and your Hosting company account login password.
|
#16
|
|||
|
|||
Quote:
the problem keeps coming buck every 4-5 days as it was mansion it seems like the only solution is to change host |
#17
|
|||
|
|||
im curious, are you possibly using dreamhost or godaddy and use wordpress for your site
my friend has the same encrypted virus which keep popping up till i removed the code for him... but if its the mentioned host, u should move away |
#18
|
|||
|
|||
No i am not using wordpress
And yes my host is one of the above |
#19
|
||||
|
||||
The issue could've have begun if you installed some "nulled" scripts. Always a bad idea as the people who null them implant ways to get into your server within those scripts.
|
#20
|
|||
|
|||
Quote:
http://www.wpsecuritylock.com/ninopl...dy-case-study/ even if u dont run wordpress that site got pretty got tip how to secure ur account with godaddy --------------- Added [DATE]1274447260[/DATE] at [TIME]1274447260[/TIME] --------------- and a goodperson posted a script to remove the infected code on all files http://blog.sucuri.net/2010/05/simpl...or-latest.html |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|