Announcement

Collapse
No announcement yet.

Repeated hacking

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Forum] Repeated hacking

    Since last Thursday we seem to have been targeted by hackers, it looks like the original exploit was down to vbSEO sitemap, which has since been removed and files deleted (as far as I can see)

    They somehow got in again yesterday morning though, they seem to be trying to change the adsense publisher ID (reported the ID they replaced the advert with first time around).

    I can't quite see how they are getting in now though, this is the apache log file for the 30th (all for the hackers IP): http://www.vauxhallownersnetwork.co.uk/hacker.txt (with the ca-pub-id removed).

    From the Control panel log, they logged in as me at around 6:09am on the 30th.

    Any help appriciated!

    Dave.

  • #2
    First off all do not trust your files re-upload them and if you made code changes redo them and review them to see if there safe. Also look at the AdminCP if everything is as it should recheck options etc etc. Use .htaccess to secure AdminCP at the very least with an extra login and pass.

    Comment


    • #3
      Take a look at this thread - How To Make My Forums More Secure

      You should definitely have your admincp .htaccess protected.

      Please don't PM or VM me for support - I only help out in the threads.
      vBulletin Manual & vBulletin 4.0 Code Documentation (API)
      Want help modifying your vbulletin forum? Head on over to vbulletin.org
      If I post CSS and you don't know where it goes, throw it into the additional.css template.

      W3Schools <- awesome site for html/css help

      Comment


      • #4
        Thanks for the replies.

        @Lynne - I added the .htaccess password today, so hopefully that will help! - Also went through most of that guide and made some changes

        @we_are_borg - I've only just upgraded to 4.1.5PL1 so have replaced 99% of the files, I'll trawl through at FTP level later though, see if anything dodgy comes up

        Anything stand out on the hacker.txt to either of you?

        Dave.

        Comment


        • #5
          The only thing that stood out is that he tried to login 4 other times just prior to successfully logging in. But, that doesn't really tell me much.

          Please don't PM or VM me for support - I only help out in the threads.
          vBulletin Manual & vBulletin 4.0 Code Documentation (API)
          Want help modifying your vbulletin forum? Head on over to vbulletin.org
          If I post CSS and you don't know where it goes, throw it into the additional.css template.

          W3Schools <- awesome site for html/css help

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X