Announcement

Collapse
No announcement yet.

Have I been hacked into?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Have I been hacked into?

    On the "Who's Online" page I can see a guest reading a member's PMs without getting an error message. This shouldn't be possible. Is it possible for someone to hack into the software like this?
    Chop Dewey

  • #2
    Don't be surprised!

    Been hacked many times and had my whole site wiped out by hackers despite following every bit of security measure recommended by JelSoft. JelSoft tells me it's my host, my host tells me it's vB! Actually closed my forum down and thinking of selling my license until it becomes decently secure. Never had hacking problem until I installed vB on my site. It's a very nice piece of script but security for me is a must.
    Last edited by Blauen; Tue 23rd Jun '09, 9:15am.

    Comment


    • #3
      This is not 'hacking'. Most likely this is a search engine randomly trying different URLs and ids. This is very common. They should be getting either the red stop sign or the yield sign.
      Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
      Change CKEditor Colors to Match Style (for 4.1.4 and above)

      Steve Machol Photography


      Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


      Comment


      • #4
        Originally posted by Steve Machol View Post
        This is not 'hacking'. Most likely this is a search engine randomly trying different URLs and ids. This is very common. They should be getting either the red stop sign or the yield sign.
        That's the whole problem, no stop or yield sign.
        Chop Dewey

        Comment


        • #5
          Originally posted by Blauen View Post
          Been hacked many times and had my whole site wiped out by hackers despite following every bit of security measure recommended by JelSoft. JelSoft tells me it's my host, my host tells me it's vB! Actually closed my forum down and thinking of selling my license until it becomes decently secure. Never had hacking problem until I installed vB on my site. It's a very nice piece of script but security for me is a must.
          It is probably more often than not your host. If it isn't your host then you probably had a modification installed on your site with vulnerabilities. vBulletin is very good and secure software.

          Comment


          • #6
            What's the link or screen shot?

            The only way that would happen is if your permissions were messed up or you have a third-party add-on installed.
            Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
            Change CKEditor Colors to Match Style (for 4.1.4 and above)

            Steve Machol Photography


            Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


            Comment


            • #7
              As I said I completely deleted vB. Couldn't get any helpful solution and didn't want to risk having to restore my whole site over and over since it's time consuming. I heard they can do "sql injection" or whatever... Someone actually changed the email address on the Admin account and managed to modify the header and insert some code! Already posted many support tickets but unfortunately all I got was the standard "follow the advise on the security thread" response, which I did 100%. If you have no one after your board to hack it you should be fine. I guess I'm out of luck with vB

              Comment


              • #8
                Originally posted by Blauen View Post
                As I said I completely deleted vB. Couldn't get any helpful solution and didn't want to risk having to restore my whole site over and over since it's time consuming. I heard they can do "sql injection" or whatever... Someone actually changed the email address on the Admin account and managed to modify the header and insert some code! Already posted many support tickets but unfortunately all I got was the standard "follow the advise on the security thread" response, which I did 100%. If you have no one after your board to hack it you should be fine. I guess I'm out of luck with vB
                There are no know security issues with the latest version of vB. I also looked at your tickets and the issues you described are either due to your server or hosting account being compromised or a problem with one of your third-party add-ons. You could not have those issues if you followed those instructions to the letter. You also never followed-up after we responed to your tickets.
                Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                Change CKEditor Colors to Match Style (for 4.1.4 and above)

                Steve Machol Photography


                Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                Comment


                • #9
                  Should it make a difference whether it's a shared hosting or not? I am with BlueHost. Any known issues about it?

                  Comment


                  • #10
                    No. If you have further questions please start your own thread. Thank you.
                    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                    Change CKEditor Colors to Match Style (for 4.1.4 and above)

                    Steve Machol Photography


                    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                    Comment

                    widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                    Working...
                    X