The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Someone extracted all users' emails from vBulletin DB
Hello,
I have a vBulletin forum 4.2.1 . It is about Table Tennis. Unfortunately last week all our community members (about 5000 users) have received emails from some guy who owns a Table Tennis Hall, regarding some Competition there... He has an account on my forum and he registered there with the email responsible for the spam. I think he hacked our database and extracted all users' emails so he can promote his business. I must specify that send mail function is disabled for all users in our forum. What can I do? |
#2
|
|||
|
|||
Check server logs by getting in touch with your host if needed
|
#3
|
|||
|
|||
Send in an abuse report to the email service. As he is using it in violation of his signed agreement with them.
If for example it is johnsmith @yahoo.com Then send a copy of the spam email along with the headers to abuse@yahoo.com Naturally use the name of the email account, if it is not yahoo. Just put the word abuse in front of the name as above. |
#4
|
||||
|
||||
I mean, it is possible for any user (no moderator or admin) to extract emails from vBulletin DB? (last version)
Can we somehow secure the database? |
#5
|
||||
|
||||
The only way they could have done that is if they hacked your server, or an admin account, and were able to query the database.
|
#6
|
||||
|
||||
Quote:
The acces to mySQL is posible only from localhost, as the hosting adminstrator confirmed me. |
#7
|
|||
|
|||
Anything can be hacked no matter how secure you or your host makes it. Tell your host to check server logs
|
#8
|
||||
|
||||
Quote:
So no more logs available. My question is how to secure the DB so this never happen' again. Or if someone have some knowledge's about similar facts on vBulletin DB. |
#9
|
|||
|
|||
Quote:
|
Благодарность от: | ||
Big Al |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|