The Arcive of Official vBulletin Modifications Site.

flnz400 · #1 06-02-2008, 12:02 PM

My board was hacked yesterday, and they somehow made the jump from my acp to ftp/cpanel...dunno how yet.

Are there any other security measures that I can add besides a captcha upon signup to get rid of a lot of the bots?

Also, I'm upgrading to 3.7 from 3.6.8 as we speak, so I'm assuming that will help a bit, no?

Thanks!

Marco van Herwaarden · #2 06-02-2008, 12:07 PM

Please read the following thread on how to improve security for your board:
http://www.vbulletin.com/forum/showthread.php?t=194701

PS If they can access your FTP/cPanel then you should contact your host and let them review the situation.

Princeton · #3 06-02-2008, 12:07 PM

to be safe - I suggest changing all your passwords (admincp/ftp/etc).

check for files that you did not upload and check each file for edits

Alfa1 · #4 06-02-2008, 12:20 PM

- Better contact your hosting company and ask them to up the servers security. This should not be just one phonecall, but a process of making your security better. You will probably find how good or bad your hosting co is.
- Study phpinfo.php to see what you have turned on. Ask your host to shut down anything that you do not need.
- Make sure that you do not have any directories accessible, writeable or executable for the public that should not be.
- Make sure all software on your server is up to date. Old software often has exploits.
- See if you can find someone that is versed in IT security or hacking and let them examine your site's security holes.
- Study your server's logs and your admin logs. IP ban problematic IP's.
- If your server can be overloaded easily, then consider blocking the FTP and pop3 service for all but your IP's.
- Learn from every attack. Find out what has gone wrong. Solve the problem and wait for the next attack.
- Keep an eye on whos online during attacks and ban the hackers accounts.
- Make your staff switch passwords regularly
- Do NOT under any circumstance allow your staff to have hotmail, yahoo or Gmail accounts.
- Make your staff aware of page spoofing. Page spoofing is the simplest method for hackers to get your password. So in other words: never log in on a page, that you have arrived at, following a link sent to you.

flnz400 · #5 06-02-2008, 01:01 PM

Thanks, great tips!

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.04334 seconds Memory Usage 2,191KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (5)post_thanks_box (5)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (5)post_thanks_postbit_info (5)postbit (5)postbit_onlinestatus (5)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!