Hacked, Again..

[AGN03]

Anyone know where this comes from?

[Sage Knight]

If you were hacked on the same host again, just simply change your host, restore a back-up and change every single password, from the FTP account to the cPanel a/c EVERYTHING. Also might want to check your access logs and ensure you're running a patched version of vBulletin and also a poorly coded plugin might be causing this aswell. How many plugins do you have?

Edit; And no I don't know about that image and it doesn't really matter anyways.

Edit; Keep an eye on this blog posts of Wayne Luke;

https://www.vbulletin.com/forum/entr...Forums-(Part-1)

[AGN03]

The only addons I'm running is everywhere sidebar and the chatbox.
Every password there is was completely changed after the first attack two weeks ago.
I'd bet a years salary that my host is secure, I have no doubt.

[ForceHSS]

then the next thing to do is update the forums to a more secure version

[L2Insomnia]

Who is your host? Do you have WHM or root access?

[Max Taxable]

Two Words.

Cloud Flare

[Willo]

Quote:

Originally Posted by Sage Knight

If you were hacked on the same host again, just simply change your host, restore a back-up and change every single password, from the FTP account to the cPanel a/c EVERYTHING. Also might want to check your access logs and ensure you're running a patched version of vBulletin and also a poorly coded plugin might be causing this aswell. How many plugins do you have?

Edit; And no I don't know about that image and it doesn't really matter anyways.

Edit; Keep an eye on this blog posts of Wayne Luke;

https://www.vbulletin.com/forum/entr...Forums-(Part-1)

Hmmm...He got hacked and you say he should change hosts, restore his site and change passwords....Why not just change passwords at the first host and save your self the effort of moving....There's most likely a door left in the site from the first hack and it seems to me that all the move/RESTORE accomplishes is to give the opportunity to get hacked at a new host.

I could be wrong but I'm sure you see my logic.

[L2Insomnia]

Cloud Flare honestly does not do alot. it actually causes more issues than anything. Really it depends on how your host setup your cpanel through whm. Many of them do really do a minimum which leaves alot of vulnerabilities (ports open that don't need to be, extra processes, insecure application configs for mysql, php etc...). The list is long of possibilities on a standard cpanel install. If you don't have root or WHM access than you will need to work with your host.

Start by doing a search of your http logs for these 2 words htaccess and filemanager
and see if you find any.

[Max Taxable]

Quote:

Originally Posted by L2Insomnia

Cloud Flare honestly does not do alot. it actually causes more issues than anything..

I have heard that some from v4 owners, but it does wonders for my v3.

[L2Insomnia]

It may increase performance in some cases I agree but it doesn't do squat for security if the hacker knows anything at all. That's what i am trying to get at People should not think "I'll just use CloudFlare and I'll be safe" as that is most likely going to lead to trouble at some point.

I'm not bashing CloudFlare just want to make it clear that using them does not by any means make you safe from getting hacked.