Announcement

**ACLineman** · Sun 27 Oct '19, 8:46am

No ideas why this may be happening?

Thanks in advance

**In Omnibus** · Sun 27 Oct '19, 8:56am

Are you using Cloudflare?

**ACLineman** · Sun 27 Oct '19, 6:11pm

Not familiar with cloudflare, so no I am not. For a server?

**In Omnibus** · Sun 27 Oct '19, 6:18pm

Originally posted by ACLineman View Post

Not familiar with cloudflare, so no I am not. For a server?

Yes. It's frequently used to prevent DDOS attacks. I read a case not long ago of it having banned IP Address 192.168.0.1 which would ban virtually everyone.

Do you have an htaccess file on your server other than the one that comes with the vBulletin 5 package?

**ACLineman** · Mon 28 Oct '19, 4:42am

Server is Dedicated at Hostgator and I do have Site Lock for security

Will have to look into the htaccess file

**In Omnibus** · Mon 28 Oct '19, 4:44am

The only other possibility coming to me off the top of my head is:

Was your site a victim of the recent exploit?

**ACLineman** · Mon 28 Oct '19, 7:41am

Yes sir it was and we “thought” everything was resolved and back in order. I purchased Site Lock after the fact and they did a clean up of some corrupt files then ran scans and said no malware found etc.
We had issue’s after upgrading to the latest VB software and had no ACP access which we worked through with the support of members here.

We did just check the htaccess files and found many htaccess files and not sure how many we are suppose to have on the server or which one’s we would need to remove if this is causing the permanent banned message our new registrations are receiving when signing up

Thanks again for any and all help. Whatever it is, it’s basically crippling the site.

**In Omnibus** · Mon 28 Oct '19, 7:50am

Originally posted by ACLineman View Post

Yes sir it was and we “thought” everything was resolved and back in order. I purchased Site Lock after the fact and they did a clean up of some corrupt files then ran scans and said no malware found etc.
We had issue’s after upgrading to the latest VB software and had no ACP access which we worked through with the support of members here.

We did just check the htaccess files and found many htaccess files and not sure how many we are suppose to have on the server or which one’s we would need to remove if this is causing the permanent banned message our new registrations are receiving when signing up

Thanks again for any and all help. Whatever it is, it’s basically crippling the site.

The only one you should have is the one that comes with vBulletin 5.

I would suggest you follow Wayne Luke's advice here:

Create a new directory to hold your vBulletin Files.
Download the full package of vBulletin 5.5.4 PL2.
UPLOAD this copy of vBulletin to this new directory.
Rename /config.php.bkp to config.php
Rename htaccess.txt to .htaccess
Rename /core/includes/config.php,new to /core/includes/config.php
Edit /core/includes/config.php to connect to your database.
Rename your existing vBulletin directory to something like /vbulletin_lwkesfjweqo5i78weq. do not use anything like vbulletin_old or vbulletin_backup. These are easy to guess names and will make the exploit available to the exploiters.
Rename your new vbulletin directory to the old vbulletin directory's previous name.
Investigate your attachments directory (and its subdirectories) in the old directory. Delete any files named .htaccess, *.php, *.ico, or *.bak, The only files should have a .attach extension.
Copy the attachments directory to your new vBulletin directory once it has been cleared.
Investigate your /core/customavatars directory in the old directory. Delete any files named .htaccess, *.php, *.ico, or *.bak. There should be only images file within here and the /thumbs subdirectory.
Copy your /core/customavatars directory to your new vBulletin directory once it has been cleared.
If you use custom smilies, you must do the same as above for the /core/images/smilies directory.
If you use custom post icons, you must do the same as above for the /core/images/icons directory.
Delete the old vbulletin directory.
Chmod the /core/ directory and its contents to 444. Chmod the /core/cache and /core/customavatars directory so that the web server can write to them.
Check all other directories of your website for wayword .htaccess, *.php, *.ico, and *.bak files.

**ACLineman** · Mon 28 Oct '19, 8:33am

Thank you !

Might I add in May/June I paid VB for the newest version and for the professional install because to be honest I am technically challenged when it comes to this stuff. It sounds like to what you posted I would need to upload and re-install once again as well as renaming files etc and I’m sure VB WOULDN’T do that for free.
Would this be the only recourse? Or could I try removing all the extra htaccess files with the exception of the one that came with our new install, and if so how would I determine which one that would be?

Sorry, I’m an idiot when it comes to this stuff obviously ; )

**Wayne Luke** · Mon 28 Oct '19, 10:46am

Log into the AdminCP.
First go to Settings -> Options -> User Banning Options.
Make sure your IP Address fragments are correct here. Having something like * will ban all IP Addresses. The best solution is to not use wildcards at all.
Next go to Usergroups -> Usergroup Manager.
Edit the Registered Usersgroup.
Make sure the Permission "This is NOT a banned usergroup" is set to YES.

If you have technical limitations in managing your own server, you should look into vBulletin Cloud. For a small monthly fee, we will manage your server for you. This includes all upgrades throughout the year. This year, we will have released 6 versions of vBulletin not counting security patches. If you had us perform those upgrades for you it would be almost $900. You can host your site on vBulletin Cloud for as little as $180 per year. A savings of $720.00.

As you have a support contract, you can email [email protected] and someone will help you with restoring your site.

**ACLineman** · Wed 11 Dec '19, 6:21pm

Originally posted by Wayne Luke View Post

Log into the AdminCP.
First go to Settings -> Options -> User Banning Options.
Make sure your IP Address fragments are correct here. Having something like * will ban all IP Addresses. The best solution is to not use wildcards at all.
Next go to Usergroups -> Usergroup Manager.
Edit the Registered Usersgroup.
Make sure the Permission "This is NOT a banned usergroup" is set to YES.

If you have technical limitations in managing your own server, you should look into vBulletin Cloud. For a small monthly fee, we will manage your server for you. This includes all upgrades throughout the year. This year, we will have released 6 versions of vBulletin not counting security patches. If you had us perform those upgrades for you it would be almost $900. You can host your site on vBulletin Cloud for as little as $180 per year. A savings of $720.00.

As you have a support contract, you can email [email protected] and someone will help you with restoring your site.

Thanks Wayne
In the banning options setting that field is blank so there is no comma’s or asterisk, etc

and the other setting you mentioned is set to YES, yet I am still getting e mails from people registration ing tell me the are getting the banned message. Very frustrating.
Any other idea’s?

**Wayne Luke** · Wed 11 Dec '19, 6:49pm

Are you moderating new users or validating email address? If so you'll want to verify that the Users Awaiting Email Confirmation and the Users Awaiting Moderation usergroups are not banned usergroups as well.

Announcement

New registrations telling me they get permanent banned message

New registrations telling me they get permanent banned message

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment