Activity Stream
Quick Links
48,167 MEMBERS
6871 ONLINE
Register Now
besthostingforums On YouTube Subscribe to our Newsletter besthostingforums On Twitter besthostingforums On Facebook besthostingforums On facebook groups

Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. 10th Apr 2008, 11:31 PM
        
    #1
    Prince is offline
    OP
    Prince
    Member

    Default Hacked

    Someone keep attacking my forum and he edit all the posts to adult content.

    He enter as a any user and do what I said above

    How this happen?

    what should be done to stop that?

    I already restored backup of my database.
    Prince Reviewed by Prince on . Hacked Someone keep attacking my forum and he edit all the posts to adult content. He enter as a any user and do what I said above How this happen? what should be done to stop that? I already restored backup of my database. Rating: 5
    Reply With QuoteRegister To Reply Ping this articlePing

    2.   Sponsored Links

  2. 11th Apr 2008, 01:02 AM
        
    #2
    Prince is offline
    OP
    Prince
    Member
    IPB can take my license down because I'm warez forum you know and this against their TOS.

    I added ACP security mod to prevent anyone access my ACP.

    He didn't changed FTP and control panel passwords, he was playing on the site itself.

    How I prevent anyone from screwing up my database

    What needed permissions need to SQL database user, may be I set it have not needed permission.
    Reply With QuoteRegister To Reply
  3. 11th Apr 2008, 10:18 PM
        
    #3
    Ak47 is offline
    Ak47
    Member
    Check your moderator logs for the posts the hacker edited and block the ip froma accessing your board and server. And never ask IPB, they took down my site for having warez... Just try finding out the IP's and blocking them.

    Reply With QuoteRegister To Reply
  4. 12th Apr 2008, 11:53 AM
        
    #4
    Prince is offline
    OP
    Prince
    Member
    Thank you Ak47, I known that IPB take off because I read their TOS carefully.

    Does anyone have a firewall script, let you protect your SQL.
    Reply With QuoteRegister To Reply
  5. 12th Apr 2008, 04:55 PM
        
    #5
    Baby Jesus
    I'd add a .htaccess login to your admin folder (I haven't used IPB in a long time but I assume the admin control panel has it's own folder, no?), then you're pretty much safe... Not much they can do unless they have a higher level of access such as ssh, ftp, etc.
Reply With QuoteRegister To Reply
  • 12th Apr 2008, 06:14 PM
        
    #6
    Ak47 is offline
    Ak47
    Member
    What Baby Jesus said is correct, password protect the admin folder directory via cpanel/or whatever control panel you have. The directory will be something like:

    http://www.yourdomain.com/admin/

    Reply With QuoteRegister To Reply
  • 12th Apr 2008, 07:34 PM
        
    #7
    Prince is offline
    OP
    Prince
    Member
    Thanks for advices

    These people post RapidShare phishers in my forum and it seems banning them pissed them off.

    It was a war from two days ago, on taking the control on the forum.

    They banned me and I returned myself by playing in mysql and banned them all and their IPs.

    Actually they failed to take control, so they played on SQL as I did. :mad:

    But Cpanel do daily backups so all they done is undone.

    I added tougher protection, I added .htaccess with deny all IP except mine.

    Google it for more info on how you do it, added very tough protections on ACP.

    Last thing need new Firewall script to prevent SQL injection, it seem IPB latest version don't beat it.
    Reply With QuoteRegister To Reply
  • 16th Apr 2008, 10:13 PM
        
    #8
    Ak47 is offline
    Ak47
    Member
    I added .htaccess with deny all IP except mine.


    to the admincp or whole site? lol

    Reply With QuoteRegister To Reply
  • 18th Apr 2008, 01:36 AM
        
    #9
    Golden Falcon is offline
    Golden Falcon
    Member
    Website's: 
    
iGotMusic.org
NitroRoms.com
GamersFire.com
    Quote Originally Posted by Ak47 View Post
    to the admincp or whole site? lol
    [/color]
    whole site would have been funny..

    Member: wtf, no one can see the site
    Admin: working fine for me o.O?
    Reply With QuoteRegister To Reply
  • 16th Apr 2008, 11:15 PM
        
    #10
    Prince is offline
    OP
    Prince
    Member
    To ACP of course, the attacks is killed away, I guess they do DDos only now.
    It seems it was security holes in the php and mysql on the previous host.
    I moved to new one and everything is fine so far.
    Reply With QuoteRegister To Reply
    • Page 1 of 2 12 LastLast
    « Previous Thread | Next Thread »

    Thread Information

    Users Browsing this Thread

    There are currently 1 users browsing this thread. (0 members and 1 guests)

    Similar Threads

    1. Hacked
      By misterjay in forum File Host Discussion
      Replies: 16
      Last Post: 10th Mar 2012, 04:42 AM
    2. The PS3 Hacked?
      By yasser37 in forum General Discussion
      Replies: 49
      Last Post: 29th Aug 2010, 12:40 PM
    3. PS3 Hacked
      By DeLeTeD in forum General Discussion
      Replies: 28
      Last Post: 26th Jan 2010, 08:45 AM
    4. I got hacked i think
      By ravi_4289 in forum General Discussion
      Replies: 13
      Last Post: 2nd Aug 2009, 10:39 PM
    5. I got hacked
      By WManup in forum General Discussion
      Replies: 9
      Last Post: 2nd Aug 2009, 07:08 PM

    Tags for this Thread

    BE SOCIAL
    FAQ | SITEMAP
    Copyright ® 2008 - 2015 besthostingforums.com
    Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.
    BestHostingForums.com is a great place to learn about Internet Marketing Online, SEO Techniques, Search Engine Marketing and resources for Web Development.