The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
06-20-2006, 02:39 AM
|
|||
|
|||
VB really this terrible????? Can it Be
I am very upset. I run a forum with 7 thousand members and 240K posts. I am getting hacked every day now. Is this really how crappy vbulletin is? I mean You can not fix security holes in the software. Very unhappy. I may have to go to IPB. Terribly disappointing.
|
|
#2
06-20-2006, 02:55 AM
|
||||
|
||||
|
There are many ways of your board being 'hacked' that have nothing to do security holes. Which version are you running?
|
|
#5
06-20-2006, 03:04 AM
|
||||
|
||||
|
Assuming that you are running 3.5.4 (which the site in your sig is) then you really need to look elsewhere on your server, there are no known 'holes' in that version, but there are lots of other ways to break into a server.
|
|
#6
06-20-2006, 03:22 AM
|
|||
|
|||
|
Quote:
I am running 3.5.4. Someone keeps logging in under one of my Super Mods account, changing himself to admin and moving everysingle post to the trash section of my board. Noone is getting intot the server. there are using this how I do not know but they are: 17116 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27 17115 N/A 14:08, 19th Jun 2006 css.php update style id = 1 206.149.148.27 17114 N/A 14:08, 19th Jun 2006 css.php edit style id = 1 206.149.148.27 17113 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27 17112 N/A 14:08, 19th Jun 2006 css.php update style id = 4 206.149.148.27 17111 N/A 14:08, 19th Jun 2006 css.php edit style id = 4 206.149.148.27 17110 N/A 14:07, 19th Jun 2006 css.php edit style id = 3 206.149.148.27 17109 N/A 14:07, 19th Jun 2006 css.php update style id = 3 206.149.148.27 17108 N/A 14:06, 19th Jun 2006 css.php edit style id = 3 206.149.148.27 17107 N/A 14:06, 19th Jun 2006 template.php modify 206.149.148.27 If you see, this is from the control panel. There is no name given and this is what they do and then they have access to everything. Somehow they are taking that SuperMod and making it say admin under it and moving everything. This is what they do after they login and change the password to the SuperMod and make him admin: 17106 13:28, 19th Jun 2006 thread.php dothreadsall 83.149.72.74 17105 13:28, 19th Jun 2006 thread.php dothreads 83.149.72.74 17104 13:27, 19th Jun 2006 thread.php move 83.149.72.74 17103 13:27, 19th Jun 2006 moderate.php posts 83.149.72.74 |
|
#7
06-20-2006, 06:09 AM
|
||||
|
||||
|
you got to be joking right???? your blaming vBulletin software for being hacked,I have been running vBulletin for 2 years and have not had an ounce of trouble,I'm the only one that has access to my server and am super admin
1. who else has access to your server??? 2.how many admins do you have??? could be a admin logging in using a proxy and playing games |
|
#8
06-20-2006, 09:11 AM
|
||||
|
||||
|
Quote:
|
|
#9
06-20-2006, 10:18 AM
|
||||
|
||||
|
Quote:
1. Disabling all of your hacks and addons 2. Updating all of your passwords(ftp etc), and forcing all staff to update their passwords? 3. password or ip protecting your admincp and includes directories? 4. Scanned for foreing files? 5. Contacting your hosting provider? 6. Contacting vBulletin support for assistance? |
|
#10
06-20-2006, 11:32 AM
|
||||
|
||||
|
Also, is it the same supermod's account that they keep getting into? Keep in mind that the biggest security holes are the people we have on our teams. If it's the same person, you may need to demote them.
Also, check the permissions that you have set for your supermods. Make sure you didn't give them rights to the control panel and the ability to change member status. |
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 12:39 AM.