Announcement

Collapse
No announcement yet.

Hack Threats

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Hack Threats

    Im a moderator at a forum and we have been recently threatened by a banned member with a hack. Our forum has been hacked before, and we want to avoid that situation. I was just wondering, how can he hack the forum considering all of the moderators have changed their passwords to passwords that are virtually impossible to guess with a program, and we are running 3.0.1 with a maximum of 5 login attempts. I guess what im really asking is, is there any way that he can hack the forum without gaining access to an admins account? And how can we protect ourselves from it

  • #2
    Originally posted by giantsfan04
    Im a moderator at a forum and we have been recently threatened by a banned member with a hack. Our forum has been hacked before, and we want to avoid that situation. I was just wondering, how can he hack the forum considering all of the moderators have changed their passwords to passwords that are virtually impossible to guess with a program, and we are running 3.0.1 with a maximum of 5 login attempts. I guess what im really asking is, is there any way that he can hack the forum without gaining access to an admins account? And how can we protect ourselves from it
    I believe there's a security vulnerability with 3.0.1 with the WYSIWYG editor... so turn that off just in case

    Other than that, changing the admincp and modcp directory names would help some

    MGM out

    Comment


    • #3
      Originally posted by giantsfan04
      Im a moderator at a forum and we have been recently threatened by a banned member with a hack. Our forum has been hacked before, and we want to avoid that situation. I was just wondering, how can he hack the forum considering all of the moderators have changed their passwords to passwords that are virtually impossible to guess with a program, and we are running 3.0.1 with a maximum of 5 login attempts. I guess what im really asking is, is there any way that he can hack the forum without gaining access to an admins account? And how can we protect ourselves from it
      One thing if someone tells you those hack attempts are a bluff dont listen. (which i see you have no problem with doing)

      Protect yourself by making sure you back up everything just in case,

      Comment


      • #4
        Try using .htaccess (if you're on Apache) to password protect your Admin CP and Mod CP. Also you can use .htaccess to deny all IP's except ones that your administrators have.
        Bugdar: PHP bug tracking software that is beautiful, fast, and robust.

        Comment


        • #5
          To get vB support on these forums you first need have the license owner register you for Priority Forum Support. To do this, have him go here:

          http://www.vbulletin.com/members/mem...t_priority.php

          ...and enter your email address in one of the boxes.
          Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
          Change CKEditor Colors to Match Style (for 4.1.4 and above)

          Steve Machol Photography


          Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


          Comment


          • #6
            Or, you can be a hacker wannabe that is trying to find out if it's possible

            Get your admin to come and ask support, they're the one that can take care of the extra security options like .htaccess or renaming the directories.

            Comment


            • #7
              Originally posted by Steve Machol
              To get vB support on these forums you first need have the license owner register you for Priority Forum Support. To do this, have him go here:

              http://www.vbulletin.com/members/mem...t_priority.php

              ...and enter your email address in one of the boxes.
              He's a moderator not a vb owner

              Comment


              • #8
                Which is why I said:

                To get vB support on these forums you first need have the license owner register you...
                Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                Change CKEditor Colors to Match Style (for 4.1.4 and above)

                Steve Machol Photography


                Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                Comment


                • #9
                  Originally posted by Steve Machol
                  Which is why I said:
                  OWN'D

                  MGM out

                  Comment


                  • #10
                    ok fine...

                    but this does seem like a question your admin should ask

                    Comment


                    • #11
                      admins are really busy, so basically supers and mods run the forum. However i will direct them to this thread.

                      I just have a question out of curiosity. If we are hacked, can we press charges on the person or report them to the police?

                      Comment


                      • #12
                        Originally posted by giantsfan04
                        admins are really busy, so basically supers and mods run the forum. However i will direct them to this thread.

                        I just have a question out of curiosity. If we are hacked, can we press charges on the person or report them to the police?
                        If u got his ip I think u can

                        Comment


                        • #13
                          Originally posted by giantsfan04
                          admins are really busy, so basically supers and mods run the forum. However i will direct them to this thread.

                          I just have a question out of curiosity. If we are hacked, can we press charges on the person or report them to the police?
                          Of course you can! Hacking is a cyber crime. However, don't be surprised if the government stone-walls you. Unless there's detrimental damage involving money, they generally don't do much. Another problem can be that they are in a foreign country and the country in which the attacker resides doesn't care about these types of matters.

                          As for reporting hackers, your best bet would be to check out CyberCrime.gov.
                          Bugdar: PHP bug tracking software that is beautiful, fast, and robust.

                          Comment

                          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                          Working...
                          X