Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions

Reply
 
Thread Tools Display Modes
  #1  
Old 09-26-2008, 03:10 AM
Memphis834@yaho's Avatar
Memphis834@yaho Memphis834@yaho is offline
 
Join Date: Jun 2007
Location: Massachusetts
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Major Issue

Okay, earlier today before I left for work, my site had several apache messages pop up. I get home from work and try to log into my site and it says that I have the wrong password/username. Evedently any account that logs out, is now unable to log back in. All my users are getting the same "You've reached the password quota" message. So I'm assuming that once again, I've been hacked. Is there anyway that I can fix this problem asap?
Reply With Quote
  #2  
Old 09-26-2008, 03:17 AM
nexialys
Guest
 
Posts: n/a
Default

this is related to the server, not the software... you will have to contact your host...
Reply With Quote
  #3  
Old 09-26-2008, 11:15 AM
Memphis834@yaho's Avatar
Memphis834@yaho Memphis834@yaho is offline
 
Join Date: Jun 2007
Location: Massachusetts
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vb is just not all that secure. This is the second time this has happend. Right now it's escalated to the point where everyone is now IP banned and no one can even view the site. My server host's response:

Quote:
hi there

is this still an issue? your website is active / online working very fast for us using the firefox / seamonkey browser;

http://nationofhiphop.net/

-----------------------------------------
You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so
-----------------------------------

Most hacks occur due to insecure PHP scripts, some code may have entered your website by a vulnerability in your scripts, please update your scripts to the latest versions and change your accounts password.

please look at the following articles:

http://www.google.com/search?q=mysql+injection
http://en.wikipedia.org/wiki/Cross-site_scripting
http://www.google.com/search?q=php+s...ulnerabilities

regards
Whatever, guess there's nothing I can do as usual.
Reply With Quote
  #4  
Old 09-26-2008, 11:22 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What is your setting for:

AdminCP -> vBulletin Options -> Server Settings and Optimization Options -> Session IP Octet Length Check
Reply With Quote
  #5  
Old 09-26-2008, 11:29 AM
Memphis834@yaho's Avatar
Memphis834@yaho Memphis834@yaho is offline
 
Join Date: Jun 2007
Location: Massachusetts
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks for response Marco but atm, I'm banned from my own site. Can't even access the admincp. But I guess if I decided to make another site which I'm not sure of now (I'm a target for hackers for some reason and have had several sites hacked) I could keep that in mind. Thanks.
Reply With Quote
  #6  
Old 09-26-2008, 11:58 AM
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Location: Italy
Posts: 1,418
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Are you locked out from your site or the forum only?

If it is the site, the server and/or your server account got hacked. If you can still access the forum pages, but can't login, your forum has been hacked.

In order to assist we need to know where you need help
Reply With Quote
  #7  
Old 09-26-2008, 12:08 PM
Memphis834@yaho's Avatar
Memphis834@yaho Memphis834@yaho is offline
 
Join Date: Jun 2007
Location: Massachusetts
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm locked out of my forum as is every other member of the site. Any page you try to visit on the forum, it just says that you've been IP banned.

My host is terrible and took away my cpanel like 2 weeks ago. I've contacted them about it and they said the reason was because I didn't renew the domain name that they provided which imo is rather absurd. I said, alright, I'll renew the domain that I don't use in order to get my cpanel back. The sales team has still not let me gain access to my cpanel.

So byethost<<<
Reply With Quote
  #8  
Old 09-26-2008, 12:23 PM
y2ksw's Avatar
y2ksw y2ksw is offline
 
Join Date: Aug 2003
Location: Italy
Posts: 1,418
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So this means you don't have even access to the database?

Well anyway this should do the job:

UPDATE setting SET value='0' WHERE varname='ipcheck' LIMIT 1;
UPDATE setting SET value='' WHERE varname='banip' LIMIT 1;

Please note that you may need to change also the datastore => options row, setting the above values accordingly.

Changing these values remove the IP ban, but the hacking damage may go further.
Reply With Quote
  #9  
Old 09-26-2008, 01:51 PM
Memphis834@yaho's Avatar
Memphis834@yaho Memphis834@yaho is offline
 
Join Date: Jun 2007
Location: Massachusetts
Posts: 58
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I have no clue what happened, but I just came home and went to my site and it's back. So this might have not been a hack job but rather my host just somehow messing up my site. But anyways, as always you guys are great and are willing to help. I appreciate it.
Reply With Quote
  #10  
Old 09-26-2008, 01:57 PM
SEOvB's Avatar
SEOvB SEOvB is offline
 
Join Date: May 2007
Location: Indianapolis
Posts: 2,451
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Memphis834@yaho View Post
vb is just not all that secure. This is the second time this has happend. Right now it's escalated to the point where everyone is now IP banned and no one can even view the site. My server host's response:



Whatever, guess there's nothing I can do as usual.
No, you're just not secure. vBulletin is only as secure as its admins/server.

I've been running vBulletin for over 3 years now, and never once been hacked.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 09:51 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04159 seconds
  • Memory Usage 2,248KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (9)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete