Announcement

Collapse
No announcement yet.

Problem Avast and Admin CP

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wayne Luke
    replied
    Originally posted by RedHacker7 View Post
    The hackers had find "hole" in vbulletin programm and infected and other sites
    As vBulletin doesn't let you upload executable files through any of its functions, this would be either through an addon that you installed or a third-party application on the server. If you can show server logs where the code was written to your config.php file through a standard vBulletin function, then we will look at the server logs. However having the code of any virus is not going to provide any information whatsoever that will make your forums and server more secure.

    All the information provided so far points to a worm on the webserver. Since the link in post #16 isn't even using vBulletin, this points to it.

    CHMOD your files to 644. If they don't work with those permissions, tell your host to make them work. Lunarpages has had enough security issues in the past that is should be their top priority to secure their customer's websites. Though you haven't followed one step in securing your vBulletin that I have already linked to. I can access your Admin CP directory directly without .htaccess. There is also no protection on your modcp, install or includes directories. All I need are passwords and your customer number and I have full access to everything.

    Leave a comment:


  • pcg
    replied
    I had this happen to mine today too. I did re-upload files from the Vbulletin download area and is fine.

    Leave a comment:


  • RedHacker7
    replied
    I change FTP Account,Admin Account and Host Account

    Leave a comment:


  • Trevor Hannant
    replied
    Passwords!

    Leave a comment:


  • RedHacker7
    replied
    Change but what Database?

    Leave a comment:


  • Trevor Hannant
    replied
    Change the following:

    FTP
    Database
    Admin Account
    Hosting Account Control Panel

    If you're still having problems, ask your host to move you to another server or consider moving hosts altogether!

    Leave a comment:


  • RedHacker7
    replied
    When change passwords for ftp,host server,admin ? Any other solution?

    Leave a comment:


  • Trevor Hannant
    replied
    Originally posted by RedHacker7 View Post
    Its same....
    And i think its same are http://www.vbulletin.com/forum/showthread.php?t=306375
    And what's Zachery's advice?

    Leave a comment:


  • Trevor Hannant
    replied
    This can only happen if they're able to upload a file onto your server. This means that either your FTP details are not particularly secure or another site on the same physical machine as your site files isn't.

    I've been there, it's happened to me and it was down to another site's forum (not vB software BTW!) which hadn't been updated and used a password of "password" on it's FTP account.

    A quick word with the support team at the hosts and my site was moved to a new box and the other forum's site blocked until he secured it properly. After that, no problems.

    Try changing your FTP password to a random string of letters, numbers and characters (e.g. ob34!ion56). That will make it harder for hackers to get into your account although you're still vulnerable if another site has crap security on it's files/account.

    Leave a comment:


  • RedHacker7
    replied
    Its same....
    And i think its same are http://www.vbulletin.com/forum/showthread.php?t=306375

    Leave a comment:


  • Trevor Hannant
    replied
    Look at what? Key words here:

    My WordPress blog has an infection

    WordPress is not vBulletin so why is this relevant to your problem?

    Leave a comment:


  • RedHacker7
    replied
    Shared hosting "Lunarpages" and look this http://forums.digitalpoint.com/showt...p#post11229427

    Leave a comment:


  • Trevor Hannant
    replied
    Not if you secure it properly - or your host secures their servers properly!

    Are you on a dedicated server or shared hosting?

    Leave a comment:


  • RedHacker7
    replied
    The hackers had find "hole" in vbulletin programm and infected and other sites

    Leave a comment:


  • Wayne Luke
    replied
    We don't want to see your virus. Please see: How To Make My Forums More Secure

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X