The Arcive of Official vBulletin Modifications Site.

Devil Woman · #1 01-23-2006, 11:49 PM

I am having a problem with settings changing on my board

for example the other day I went in to change something on 1 of my usegroups and I found there to be 4 usergroups called admins :ermm:

Now I know I haven't set these up and I asked everyone that has access to that part of the admin cp and non of them have touched it, now the funny thing is this happened as a guest was online a guest who I know has a grudge since I banned them (knew it was them through true IP)

Is there any possible way anyone could be getting into my forum and into places they shouldn't without being registered? If there is can I stop that?

Thanks

Talisman · #2 01-24-2006, 12:23 AM

Quote:

Originally Posted by Devil Woman

I am having a problem with settings changing on my board

for example the other day I went in to change something on 1 of my usegroups and I found there to be 4 usergroups called admins :ermm:

Now I know I haven't set these up and I asked everyone that has access to that part of the admin cp and non of them have touched it, now the funny thing is this happened as a guest was online a guest who I know has a grudge since I banned them (knew it was them through true IP)

Is there any possible way anyone could be getting into my forum and into places they shouldn't without being registered? If there is can I stop that?

Thanks

That's always a possibility. The weakest security point and most obvious place to check first would be the passwords you're using to log in. How strong are your passwords? Have you changed them all, recently? What about ftp access on the server side?...that's password protected, too. Same thing if you're using phpmyadmin for access to your data files. You could also check your admin logs from the ACP to see if anyone's been doing something they won't admit to you.

I expect someone else will post here, as well... to offer a few more technical suggestions for you ... but maybe that'll help with some basic information. Your host might also help you with more advice on monitoring server activity and securing your site.

Hope it works out ok for you...

Devil Woman · #3 01-25-2006, 10:48 PM

All members as far as I know have unique passwords which this guest would not know, i will take a look at the admin logs, unfortunatly my host will notgive help to any 3rd party programs etc

Thanks for that

Nikki xx

Borgs8472 · #4 01-25-2006, 11:13 PM

Have a look through your admin logs and try and work out when this happened, eliminate other admins (did you do anything at X time on X day?) until you find out who did it.

Then you can check the ip of that action and run some comparisons.

Devil Woman · #5 01-25-2006, 11:24 PM

Lol may sound daft but I have lost it, where do I find the admin logs :S

Thanks

Talisman · #6 01-26-2006, 12:43 AM

Quote:

Originally Posted by Devil Woman

Lol may sound daft but I have lost it, where do I find the admin logs :S

Thanks

In your ACP, go to Usergroups > Administrator Permissions > View Control Panel Log ... for each of the admins you haven't eliminated yet.

#7 01-26-2006, 12:43 AM

/me notes the password protection howto linked in his sig.

Talisman · #8 01-26-2006, 12:47 AM

That's a nice addition for better security for the ACP. Thanks, Chris.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04290 seconds Memory Usage 2,223KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (2)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (8)post_thanks_box (8)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (8)post_thanks_postbit_info (8)postbit (7)postbit_onlinestatus (8)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!