FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


My forums keep getting hacked..





waiteck
Admins of Frihost. Please help me check my forums. There is a hacker recently and kept hacking my forums.

My previous PhpBB also got hacked.. today my new smf got hacked agin!.. Admins please look into this and help me.. Although i have a backup, I do not wish to keep having it hacked.

http://waiteck.frihost.net/mmoropg/index.php
DSalisbury
Do you always update them when new versions come out?
waiteck
yes they are.. always updated. me myself as admin.. noone knows my password.
Deji
sorry to be off topic but when i go to yoursite i get forwarded to

http://enugen.ca/, im assuming thats just a domain you have but...

its a site about a Ragnarok "private" server... and im not sure thats thats allowed.

Even if your just forwarding to it from a frihost account not 100% sure if you should be doing that.
n0obie4life
It isn't allowed :O.
waiteck
opps sorry.. wrong redirection.. err. try this http://doroforums.cjb.net
err.. i know that it is not allowed.. but it just a forum? with no download content about the private server on frihost.
Well.. admins please check me check about the hacker. he caused me alot of headaches.. 1-2 days my forums get hacked even after changing version and forum type.
Bondings
waiteck wrote:
opps sorry.. wrong redirection.. err. try this http://doroforums.cjb.net
err.. i know that it is not allowed.. but it just a forum? with no download content about the private server on frihost.
Well.. admins please check me check about the hacker. he caused me alot of headaches.. 1-2 days my forums get hacked even after changing version and forum type.

I can't do much about that hacker, only give you a new subdomain/password. But certainly get rid of that pop-up on the website you gave us.
waiteck
sorry for the pop ups lol.. its the cjb redirection service.. .co.nr is currently not accepting request till september.. So i temp use cjb.. btw.. How do i track what or who meddled with my forum after it was hacked?
Bondings
waiteck wrote:
sorry for the pop ups lol.. its the cjb redirection service.. .co.nr is currently not accepting request till september.. So i temp use cjb.. btw.. How do i track what or who meddled with my forum after it was hacked?

I don't know, maybe check your log files, see who used it while it was hacked. BTW, you can try out afraid.org for a subdomain or just keep ours. Wink
Daniel15
Glad to see you're using SMF... Maybe you should install SMFShop Smile

And what do you mean by 'it was hacked'? Do you mean that someone deleted some posts, or passwords were changed, or the forum became inaccessible, or something else???

Check your server log files (using cPanel) to see who accessed your site at the time. If you want information about a particular IP address, you can do a whois on the IP. The whois will return the country, ISP, and contact address/phone number for that IP. There are lots of websites that allow you to do whois lookups, such as www.dnsstuff.com
blackant
Are you the only admin?
Did you use any other modifications?

I think the scripts you mentioned are quite highly secured, the only thing I can think of why it is being hacked...just could be someone guessing your passwords or you are using the same password elsewhere...
waiteck
Okay.. Firstly.. the person meddled with the config.. then deleted all the boards. And my passwords were personal. I dont use the same password elsewhere. And I am the only administrator.

But weird.. he only meddled with the Edit Features and Options. But not the Edit Server Settings.. So i guess he is not using any admin account to enter it.
waiteck
btw.. thx daniel.. i got this ip from the logs. 84.31.132.43
tiancai3
Perhaps u should be kept informed of the newest patch from SMF
or u can change to UBB/VBB
waiteck
My SMF was the latest version. vBB? err.. i thought that it cannot be installed on frihost?
n0obie4life
waiteck wrote:
My SMF was the latest version. vBB? err.. i thought that it cannot be installed on frihost?


vBB can be installed on frihost, with a valid and legal licence showed to Bondings.
Bondings
n0obie4life wrote:
vBB can be installed on frihost, with a valid and legal licence showed to Bondings.

This means in real language: no. Wink (that license costs a lot)
Daniel15
Make sure you're using a secure password for the MySQL database (my database passwords are usually really long passwords with no real meaning at all Very Happy

The IP address you posted is located in the Netherlands. You can view information about this IP Address here: http://www.dnsstuff.com/tools/whois.ch?ip=84.31.132.43&server=whois.ripe.net&email=on

The 'abuse' email address listed for this IP is abuse AT home DOT nl. You may wish to send an email if this IP continues hacking your site.
Devil
there are somethings u could do to avoid getting hacked always ,

1: change ur mysql pass (dont use the Frihostemail server)
2:set the config file to 444
3:check ur logs for the ip of the hackers , banned that ip from the forum ,
4:if u want u can change the location of the admin folder or rename it ,but this will be a big task ,so u will have to seek help from Smf
waiteck
Well.. Thanks everyone for your help in telling me what to do.
Related topics
Getting paid online?
Other Forums
Who actually uses their cPanel Email?!
FriHost Forums...
After SEO?
I keep getting error e-mails
quicksilver Forum Install problem
MySQL Data Not Inserting - I keep getting an error
Email - which do you think is most secure?
Forum Avatar error
"problem loading page"
Forums hacked
I keep getting all these emails for random things...
Neopets
Reply to topic    Frihost Forum Index -> Support and Web Hosting -> Web Hosting Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.