Announcement

Collapse
No announcement yet.

vBulletin 3.8.3 Exploit?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • vBulletin 3.8.3 Exploit?

    Hi

    Yesterday my hosting company [servage.net] suspended my account due to the forum/misc.php taking over 2.5 million hits and putting undue load on the shared server.

    It's a small forum [under 70 members], and pretty quiet, and ONY visible to the to Registered Members. Registration is closed, so all anyone will see is the login page.

    I have the CYB - Advanced Forum Rules and CYB - Chatbox[only accessable by the 4 Moderators], and CYB Advanced Statistics installed which refreshes every 30 secs, but surely that wouldn't generate over 2.5 million hits in 10 hours?

    From talking to some other vBulletin users I've been informed that this may be some form of attack called "teardropping"?

    Now, the hosting company are being a real PITA & refuse to re-instate my account till I take the necessary action [according to them change the problem with the misc.php script!]

    However, I cant do anything because they've locked out my ftp access as well!

    I've asked over at vbulletin .org & was advised to ask here as well

    Anyone got any ideas/suggestions as to what may have caused the HUGE amount of hits on the misc.php & how to solve it?

    TIA

  • #2
    There are no known security issues with 3.8.3. I suggest you remove all your add-ons. Then please see this thread on how to make your vBulletin more secure:

    http://www.vbulletin.com/go/secure

    If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server. You need to contact your host about this.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment


    • #3
      A DoS attack is not an exploit.
      It's just malicious use.

      Comment


      • #4
        What problem exactly are they suggesting you fix, you havent posted any evidence of actually being hacked, just ddos'd, which is not something you have any control over.
        Baby, I was born this way

        Comment


        • #5
          misc.php is used for several things. Are you running any sort of reporting feature, such as Google Analytics?
          Shawn

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X