The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
|
#1
06-23-2009, 07:01 AM
|
|||
|
|||
vBulletin 3.8.3 exploit?
Hi
Yesterday my hosting company [servage.net] suspended my account due to the forum/misc.php taking over 2.5 million hits and putting undue load on the shared server. It's a small forum [under 70 members], and pretty quiet, and ONY visible to the to Registered Members. Registration is closed, so all anyone will see is the login page. I have the CYB Advanced Statistics installed which refreshes every 30 secs, but surely that wouldn't generate over 2.5 million hits? From talking to some other vBulletin users I've been informed that this may be some form of attack called "teardropping"? Now, the hosting company are being a real PITA & refuse to re-instate my account till I take the necessary action [according to them change the problem with the misc.php script!] However, I cant do anything because they've locked out my ftp access as well! Anyone got any ideas/suggestions as to what may have caused the HUGE amount of hits on the misc.php & how to solve it? TIA 
|
|
#2
06-23-2009, 07:13 AM
|
||||
|
||||
|
You'd probably be better asking at vbulletin.com, sounds like some kind of attack..
Do you have any other modifications installed that use misc.php?
|
|
#3
06-23-2009, 08:06 AM
|
|||
|
|||
|
Just CYB - Advanced Forum Rules and CYB - Chatbox..but I've never had a problem like this in the 2 months I've been using the CYB mods
|
|
#4
06-23-2009, 12:07 PM
|
||||
|
||||
|
My suggestion: change hosts.
|
|
#5
06-23-2009, 12:11 PM
|
||||
|
||||
|
Any form of shoutbox / chatbox is notoriously bad for server resources..
A few hosts that I know of have effectively banned their use.
|
|
#6
06-23-2009, 12:32 PM
|
|||
|
|||
|
Can you get the apache logs from the host?
Might be helpful to see what was being requested -> ips could be matched to forum users in your db; see if it was regular usage or some form of attack.
|
|
#7
06-23-2009, 12:35 PM
|
|||
|
|||
|
Quote:
The sudden jump to over 2.5 million hits seems like some form of exploit against my forum  Thanks for the replies so far guys --------------- Added [DATE]1245764474[/DATE] at [TIME]1245764474[/TIME] --------------- Quote:
That's the 1st thing I requested from Servage & got fobbed off with allsorts of ridiculous excuses 
|
|
#8
06-23-2009, 12:50 PM
|
||||
|
||||
|
r u on a dedicated server? If you're on a shared server, thats probably why they dont want to give you the logs.
Unfortunately, unless you're on a dedicated box, you're not considered a priority and you're going to get treated like caca. Change hosts or go dedicated.
|
|
#9
06-23-2009, 12:57 PM
|
|||
|
|||
|
It's a shared server & I fully intend to change hosts if I can find a decent [if there is such a thing] european host.
I've had nothing but problems with Servage from day 1
|
|
#10
06-23-2009, 01:02 PM
|
||||
|
||||
|
There are no known exploits for vB 3.8.3... post your problems re: hacing on cyb's mods post. See if anyone can figure it out...
|
 |
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT. The time now is 08:40 PM.