Board Hacked

hobbes51

New Member
was looking at my users online when i saw a user viewing the admin control panel.. somehow he had made himself an administrator

im using vb 3.7.0 beta 5, i banned his ip, and changed all my admin passwords..


is there anything else i should be doing to protect my security?
 

ESLAM

New Member
1- change the admincp & modcp file names from FTP, then change the config.php file... search for admincp and change it to the current ACP & MCP names (file names must be the same as in config.php)

2- put a firewall on your ACP dir & MCP, and put one on the fake ACP dir so that person looks crazy!!
 

hobbes51

New Member
renamed those directories. one of my administrators (not the admin account) had lost all of his permissions so i'm guessing his password might have been a vulnerability. Maybe this guy brute forced the low level administrator account?

Also, is there a quick way to setup a firewall for those directories in cpanel? i feel a little better now, but im just happy i caught this before anything bad happened

thanks for the help
 

xenoth

New Member
hobbes51 said:
im just happy i caught this before anything bad happened

you are the luckiest man alive.

All most people get to see is 'YoUR SitE WaS HAckeD' a few hours after it happens.
 

hobbes51

New Member
you are the luckiest man alive.
so true

for all other board admins
beware of GrimReaper (India ip address).. he joined my board yesterday and gained access to control panel today
 
hobbes51 said:
Also, is there a quick way to setup a firewall for those directories in cpanel? i feel a little better now, but im just happy i caught this before anything bad happened

thanks for the help

Yes, you can password protect folders with .htaccess; ensure the password and username you use with the .htaccess are different from your forum's admin user/pass.

You can password protect directories in cPanel. Also, only give secondary admins limited functions to reduce the damage if their account is compromised, and add yourself to the undeletable users in vBulletin's config.php file.
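
The .htaccess protection suggested in this reply could look like the following. This is an added example, not something posted by anyone in the thread; the cPanel account name, password file path, gate username and IP address are placeholders.

```apache
# .htaccess placed inside the renamed admin control panel directory.
# Constructed example: paths, names and the IP address are placeholders.
#
# Create the password file outside the web root first, using a username
# and password that are NOT used for any forum account:
#   htpasswd -c /home/CPANELUSER/.htpasswds/acp.passwd acpgate

AuthType Basic
AuthName "Restricted"
AuthUserFile /home/CPANELUSER/.htpasswds/acp.passwd
Require valid-user

# Optional second layer: only accept requests from the admins' own addresses.
# Apache 2.0/2.2 syntax (the server in this thread reports Apache/2.0.63).
Order deny,allow
Deny from all
Allow from 203.0.113.10

# Require BOTH a listed address and a valid login, not just one of them.
Satisfy all

# Never serve .htaccess or .htpasswd files themselves.
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>
```

Basic authentication sends the credentials with every request, so load the control panel over HTTPS. As later posts in the thread show, this layer does not help if an admin's own PC has a keylogger on it.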
 

hobbes51

New Member
woke up this morning and one of his script buddies hacked the forumhome template with a big image.. .. im def pass protecting admin in cpanel
 

hobbes51

New Member
as soon as i loaded a backup of my board, 2 more users with administrative access registered and put some more spam on there


finally i firewalled admincp from cpanel and removed their privileges i think all is good now

will have to use that generator.. thanks
 

hobbes51

New Member
they changed a bunch of admin passwords.. the whole board is a real mess now.. closed it down but still dont know how to get these guys out of the system..

everytime i reopen the board they post as my admin account now .. i think i locked them out of admincp though

any ideas?
 

MiXelpiC

New Member
grim gotcha eh....is your site one of those satellite sites?....I knew a hobbes once too....just curious as a friend of jpw....if not you then just ignore me.
 

hobbes51

New Member
realized a bunch of passwords were compromised because of a hidden keylogging malware tool.. was able to firewall the site and change all passwords from a secure system.. still havent opened back up, but consulted a good friend and it had to do with cookie sessions
 

Paul Heyman

New Member
scan your PC for spyware and viruses. they could still be keylogging you. tell your other admins to do the same and make sure the software is up-to-date :)

for anti-spyware, I recommend Counterspy. it's real good :D

ryu said:
Sounds funny, but yeah, firewalled ACP?

yeah lol, i was wonderin' how to do that.
 

hobbes51

New Member
so i upgraded to RC 2, secured the board.. but now there's a problem with logging in .... no passwords are working.. I can sign up for a new account and the user automatically logs in, but as soon as i type in the password somewhere it wont verify..

tried resetting the passwords and still wont login.. does this have to do with my permission locked folders?
 

.v0id

New Member
LOL, come on...

"Firewalling, htaccessing, changing dirs" won't help if you have a shitty host*.

*shitty host - cheap, lots of accounts on one server (with probably many unsecure scripts), unsecure host, outdated server software.
 

hobbes51

New Member
Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.5 Server at domainname.com

shared hosting, that is pretty cheap ($3.50/mo) ... u think that was the vulnerability?
 

pistolpete

New Member
i just dont see why dickheads get such a kick outta hackin peoples board and posting spam ... i had the same thing happen to my board.. stupid usernames and then all they do is load my forums full of crap of porn advertising...! there must be some pretty bored lil people sittin at home..
 

Brendius

New Member
I screen each new registration on my boards personally. if something smells even remotely fishy, I reject the registration. I feel it is better to err occasionally on the side of paranoia than to be consistently foolish. Users who seem up to no good, usually are.

I know many board owners or Administrators care more about the quantity of members rather than the quality? I can't tell you how many boards I have seen where the Admins are not employing adequate spam protection on their registration page and allowing their members list to swell with members who are actually automated key machine spambot registrations. I have never read a good post by viagracheappp. Have you?

I feel there is no substitute for an Administrator with a hands on involvement in his board, who takes an active interest in maintaining the quality and integrity of his board. I watch who's online like a hawk. When you see an unregistered guest on a closed, registered members only forum, who is looking at Administrator PM on the who's online list -you should be more than a little curious as to how that could be. I am the only person with Administrative permissions on my board. I don't even have super Mods. I don't even want staff looking at member IPs.

Changing your Administrator password regularly is a good practice. The longer the password the better.

I have a Shoutbox and a Top Stats feature on all my sites; but I have never been hacked or suffered any serious vandalism whatsoever. I know forum Admins who absolutely refuse to use any hack whatsoever because they feel it makes them vulnerable to hackers. It is said those hacks are major security vulnerabilities.

Preventing the ability to use html in posts is a necessity to prevent the embedding of malicious files that could redirect your forum's url. But even then it can sometimes be done with a booby trapped image. Turkish hackers are famous for that one.

I suppose if someone with ability really wants into your forum, there isn't much you can do until you catch them.

My motto? Daily backups - Daily backups- Daily backups!

Best regards,

B.
 