WHMCS Exploit attacks.

[Mindy]

All good points and I'll leave it to the green mods or admins to decide what to do - I do think that IP's shouldn't really be posted here, but pm'd instead if we are going to check them.

I dont think that protecting our members is policing the internet though. We don't allow people to do other things (like sell scripts that are the property of others) that are cheating or abusive so banning hackers on KWWH seems reasonable.

[Sp32]

Instead of finding out who the attacker is I believe we should be more focused on securing our servers.

[Krun!x]

Instead of finding out who the attacker is I believe we should be more focused on securing our servers.

I couldn't agree more.

I don't really care if he's banned or not, it doesn't really make any difference to me. YOUR security is YOUR responsibility. If you don't take it seriously you will get hacked, it's always been like this. In some cases it's good, it puts noobs out of the industry and leaves space to the real providers who have a clue about security and servers.

[Mr Happy]

Instead of finding out who the attacker is I believe we should be more focused on securing our servers.

Obviously but I want to know I can trust KWWH with my details.

I dont think that protecting our members is policing the internet though. We don't allow people to do other things (like sell scripts that are the property of others) that are cheating or abusive so banning hackers on KWWH seems reasonable.

Ya but selling scripts they don't have the rights to or abusing members directly affects KWWH. Their are potential legal issues directly affecting KWWH in both cases (DCMA or racism charges etc). If QuickSand were to hack a website I owned it wouldn't have any direct legal connection to KWWH unless by some weird situation he gained access to my KWWH account and I had the server login details in a PM. It's exactly the same way KWWH doesn't ban members for transactions that happen outside KWWH. If the transaction happened as a result of a sales thread then KWWH does get involved.

All good points and I'll leave it to the green mods or admins to decide what to do - I do think that IP's shouldn't really be posted here, but pm'd instead if we are going to check them.

I'd be extremely worried if you started handing out IP's or other details over PM to other members and I'd suggest an immediate halt to this if any staff are involved in this as it still breaks the privacy policy.

Privacy and personal details on a site like KWWH are incredibly important due to the nature of things being discussed. We all hear about the privacy issues sites like Facebook, Google, etc. and they aren't even about such serious issues as uploading and distributing illegal content.
Look at all the anger their was when Hotfile were ordered to hand over IP's of uploaders by the court and your just handing them out free without a court order via PM?

These are extremely sensitive details and should be treated so.

[Mindy]

I'd be extremely worried if you started handing out IP's or other details over PM to other members and I'd suggest an immediate halt to this if any staff are involved in this as it still breaks the privacy policy.

We aren't handing out IP's to anyone MrHappy....i'm not sure how you got that from what I said.

[Mr Happy]

We aren't handing out IP's to anyone MrHappy....i'm not sure how you got that from what I said.

I meant any details and it's from this topic http://www.besthostingforums.com/1160974-post5.htm Your matching an IP to a username and I'd be afraid you'd tell that person which member matches that IP.

[pubic_html]

I couldn't agree more.

I don't really care if he's banned or not, it doesn't really make any difference to me. YOUR security is YOUR responsibility. If you don't take it seriously you will get hacked, it's always been like this. In some cases it's good, it puts noobs out of the industry and leaves space to the real providers who have a clue about security and servers.

Well you're right.

But if its something wrong in WHMCS they should take action against this.

But they have released some patch's already.

Regards

[Mrgeek]

If even take a few steps towards securing your whmcs if it's the admin area change the folder name or something.

[bhanuprasad1981]

i had similar attack ,woke up a morning to find 109 ips banned by whmcs for illegal login atatempt ,simply restricted admin access to only one static ip of mine, two days back some hacker again created a client account and created a suppport ticket with php code in subject line some 800 characters long which didnt helped him to hack my site.whmcs guys say i am safer as long as i use latest version but truth is i am really worried

[torrfriend]

created fake admin pages, so who ever tried for hacking admin area is mailed to me(with username, password, and ip) so i ban their ip in this way only.........

i don't know any other ways to ban, and don't know how to check whether they're hacking or not...

but banned most spam bots ip:



Note:
i checked these ip's with awstats ip list, half are spam bots, so banned most, but still they're trying to do some with another ip's.........


So we need security section to discuss about exploits, protecting sites from hacking and experience of webmaster(it's important) , because now a days tons of hacking and others are going on......


I mostly get banned ip list from this[they have api, but i don't know how to use ]:

Homepage: http://www.Blocklist.de
List : http://www.blocklist.de/en/export.html

Typ: all

Last change: T05:00:16 +0100 (CET)
Counts: 33909
Description: All listed IP-Addresses, who attacks one of our Customer/Server in the last 48 Hours.
Download: http://www.blocklist.de/lists/all.txt