Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
Reload this Page new user signed up as Admin
FAQ Community Calendar Today's Posts Search

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #3  
Old 12-20-2011, 02:39 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
  
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by mrfarb View Post
I had a user sign up with no email and no IP address - was also listed as an Admin! I immediatly deleted the user account. Username was TeamPS. My question is, how did he sign up? Was this breach through the host or from a VB exploit? I was running 4.1.7 which I have now upgraded to 4.1.9 - with the holidays and work I was behind on my update.

Any ideas on what I should do to secure the forum? I had no ill effects from the breach....luckily.
Ahh one of those p0wersurge members... Well you did the right thing by removing then immediately updating.

I would also:
1) Change database passwords *Don't forget to update the config.php files for vBulletin and any other software running on your site.
2) Change FTP account passwords.
3) .htaccess protect your admincp and modcp here are some useful links;
.htaccess authentication generator:
http://www.htaccesstools.com/htaccess-authentication/
.htaccess password generator:
http://www.htaccesstools.com/htpasswd-generator/
4) Check to see if they added any admin accounts, on one site they changed the primary admin account name to what they desired and went so far as to re-create the admin accounts w/ the same details but no admin permissions to throw the site owners off for a little bit.

I know adding in .htaccess will help, what they seem to be exploiting on most sites is the admin account name and password (therefor the changing of db and ftp passwords is more precautionary at the moment, the most important thing is to add .htaccess protection to your admincp and modcp folders) however if they don't have access to the server there's no way they can bypass the .htaccess protection and yes that means use a entirely different username and complex password when creating the .htaccess and .htpasswd files. Also on that note, be sure the .htpasswd is stored above public_html i.e. in /home/accountnamehere/.htpasswds
Reply With Quote
 

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 04:21 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03749 seconds
  • Memory Usage 2,405KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (7)post_thanks_box
  • (1)post_thanks_box_bit
  • (7)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (7)post_thanks_postbit_info
  • (7)postbit
  • (7)postbit_onlinestatus
  • (7)postbit_wrapper
  • (1)showthread_list
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_threadedmode.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids_threaded
  • showthread_threaded_construct_link
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete