The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
I think 90% of the time its script kiddies who mess up peoples boards. They find the vulnerability in certain softwares on these security sites. Alot of these sites also tell you how to exploit the security hole. So even though the script kiddie knows nothing about code or hacking he simply follows the instructions on the security site and "hacks" peoples boards. Why does he do it? Your guess is as good as mine.
Best way to avoid being "hacked" is to keep your forum software up-to-date and be very careful which hacks you install. Only install hacks that you need and check over the code yourself if you know what to look for. I learned that the hard way. My board was hacked about a year ago due to an SQL injection vulnerability with the Store hack for vb2. Luckily damage was minimal b/c I caught him shortly after he gained admin access. |
#12
|
||||
|
||||
Quote:
As additional security measures. Rename your modcp and admincp dirs and set .hta xs to those Keep a copy of admincp and modcp dirs, with .hta acces (these dirs will be blank as u already renamed them) but this way, these newbies or script kiddies would end up messing in places were nothing can be found at all my 2 cents |
#13
|
|||
|
|||
Quote:
|
#14
|
||||
|
||||
Quote:
|
#15
|
|||
|
|||
Yeah, there's many ways to hack a board, either by a board vulnerability (which I haven't seen any for vb3), a security vulnerability like improper passwords, improperly set permissions etc, or if the host is running vulnerable software like older versions of apache, mysql, php, has improper security permission there too, etc... (got ya scared yet?) In the later case if your host has stuff improperly set up then there's nothing you can really do to protect yourself, though with the suggestions above by others you can be sure it wasn't your own fault
They reason they hack is usually for giggles, I've known a couple of these people and they get their kicks by seeing that "404 error". The odd time it's for revenge, but rarely. Personally, including the other's suggestions, just keep a recent backup of your site on a different pc, I usually backup every couple days or so, so worst case I've lost a couple days of posts... |
#16
|
||||
|
||||
Quote:
As for the apache thing, new news to me but i understand my host has upgraded considerable over the past month to a single secure business now, i will inform him of what you have said, but knowing him it won't be an issue more, my host is a but of an update freak, lol :P - Zero Tolerance |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|