Announcement

Collapse
No announcement yet.

Security ISSUE

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Security ISSUE

    We have a forum and someone whom we trusted had the FTP password, now that has been compromised, we changed the passwords on the FTP and database, but somehow they keep deleting the files, is there anything from the old files (if the attacker downloaded them) that would allow them access since we keep restoring the back ups?

  • #2
    hmm, is it possible they have root acct access?

    you may consider to only whitelist your local ip for ftp connection until u can learn more and resolve...

    Comment


    • #3
      Check for any rogue administrator/moderator users, change database password...basically change every password. Even then you might remain vulnareable. You can open a ticket at vBulletin Support if you have that access. They are usually really helpful with these.

      Comment


      • #4
        Originally posted by Morfation View Post
        We have a forum and someone whom we trusted had the FTP password, now that has been compromised, we changed the passwords on the FTP and database, but somehow they keep deleting the files, is there anything from the old files (if the attacker downloaded them) that would allow them access since we keep restoring the back ups?
        If you're running vBulletin 4.2.3, then no. It has had many patches applied over the years. However before you changed your FTP passwords, they may have uploaded files that give them access. You can test this in the AdminCP under Maintenance -> Diagnostics -> Suspect File Versions. Remove any files not part of vBulletin that you didn't add. Replace any files listed as not containing the expected contents.

        Finally, FTP is not secure. Passwords are transmitted in plain text using this protocol. You should talk to your hosting provider about SFTP or FTP over TLS for more security.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment

        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
        Working...
        X