Announcement

Collapse
No announcement yet.

New registrations telling me they get permanent banned message

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • New registrations telling me they get permanent banned message

    Running 5.5.4 and wondering why the site is slow. Been getting people sending e mails to webmaster account saying when the register they get a message saying they have been permanently banned.
    I have no banned IP addresses being block, etc.

    I visited a VB forum site recently that I belong to and have not visited in some time and received the same permanently banned message

  • #2
    No ideas why this may be happening?

    Thanks in advance

    Comment


    • #3
      Are you using Cloudflare?

      Comment


      • #4
        Not familiar with cloudflare, so no I am not. For a server?

        Comment


        • #5
          Originally posted by ACLineman View Post
          Not familiar with cloudflare, so no I am not. For a server?
          Yes. It's frequently used to prevent DDOS attacks. I read a case not long ago of it having banned IP Address 192.168.0.1 which would ban virtually everyone.

          Do you have an htaccess file on your server other than the one that comes with the vBulletin 5 package?

          Comment


          • #6
            Server is Dedicated at Hostgator and I do have Site Lock for security

            Will have to look into the htaccess file

            Comment


            • #7
              The only other possibility coming to me off the top of my head is:

              Was your site a victim of the recent exploit?

              Comment


              • #8
                Yes sir it was and we “thought” everything was resolved and back in order. I purchased Site Lock after the fact and they did a clean up of some corrupt files then ran scans and said no malware found etc.
                We had issue’s after upgrading to the latest VB software and had no ACP access which we worked through with the support of members here.

                We did just check the htaccess files and found many htaccess files and not sure how many we are suppose to have on the server or which one’s we would need to remove if this is causing the permanent banned message our new registrations are receiving when signing up

                Thanks again for any and all help. Whatever it is, it’s basically crippling the site.

                Comment


                • #9
                  Originally posted by ACLineman View Post
                  Yes sir it was and we “thought” everything was resolved and back in order. I purchased Site Lock after the fact and they did a clean up of some corrupt files then ran scans and said no malware found etc.
                  We had issue’s after upgrading to the latest VB software and had no ACP access which we worked through with the support of members here.

                  We did just check the htaccess files and found many htaccess files and not sure how many we are suppose to have on the server or which one’s we would need to remove if this is causing the permanent banned message our new registrations are receiving when signing up

                  Thanks again for any and all help. Whatever it is, it’s basically crippling the site.
                  The only one you should have is the one that comes with vBulletin 5.

                  I would suggest you follow Wayne Luke's advice here:
                  1. Create a new directory to hold your vBulletin Files.
                  2. Download the full package of vBulletin 5.5.4 PL2.
                  3. UPLOAD this copy of vBulletin to this new directory.
                  4. Rename /config.php.bkp to config.php
                  5. Rename htaccess.txt to .htaccess
                  6. Rename /core/includes/config.php,new to /core/includes/config.php
                  7. Edit /core/includes/config.php to connect to your database.
                  8. Rename your existing vBulletin directory to something like /vbulletin_lwkesfjweqo5i78weq. do not use anything like vbulletin_old or vbulletin_backup. These are easy to guess names and will make the exploit available to the exploiters.
                  9. Rename your new vbulletin directory to the old vbulletin directory's previous name.
                  10. Investigate your attachments directory (and its subdirectories) in the old directory. Delete any files named .htaccess, *.php, *.ico, or *.bak, The only files should have a .attach extension.
                  11. Copy the attachments directory to your new vBulletin directory once it has been cleared.
                  12. Investigate your /core/customavatars directory in the old directory. Delete any files named .htaccess, *.php, *.ico, or *.bak. There should be only images file within here and the /thumbs subdirectory.
                  13. Copy your /core/customavatars directory to your new vBulletin directory once it has been cleared.
                  14. If you use custom smilies, you must do the same as above for the /core/images/smilies directory.
                  15. If you use custom post icons, you must do the same as above for the /core/images/icons directory.
                  16. Delete the old vbulletin directory.
                  17. Chmod the /core/ directory and its contents to 444. Chmod the /core/cache and /core/customavatars directory so that the web server can write to them.
                  18. Check all other directories of your website for wayword .htaccess, *.php, *.ico, and *.bak files.

                  Comment


                  • #10
                    Thank you !

                    Might I add in May/June I paid VB for the newest version and for the professional install because to be honest I am technically challenged when it comes to this stuff. It sounds like to what you posted I would need to upload and re-install once again as well as renaming files etc and I’m sure VB WOULDN’T do that for free.
                    Would this be the only recourse? Or could I try removing all the extra htaccess files with the exception of the one that came with our new install, and if so how would I determine which one that would be?

                    Sorry, I’m an idiot when it comes to this stuff obviously ; )

                    Comment


                    • #11
                      1. Log into the AdminCP.
                      2. First go to Settings -> Options -> User Banning Options.
                      3. Make sure your IP Address fragments are correct here. Having something like * will ban all IP Addresses. The best solution is to not use wildcards at all.
                      4. Next go to Usergroups -> Usergroup Manager.
                      5. Edit the Registered Usersgroup.
                      6. Make sure the Permission "This is NOT a banned usergroup" is set to YES.

                      If you have technical limitations in managing your own server, you should look into vBulletin Cloud. For a small monthly fee, we will manage your server for you. This includes all upgrades throughout the year. This year, we will have released 6 versions of vBulletin not counting security patches. If you had us perform those upgrades for you it would be almost $900. You can host your site on vBulletin Cloud for as little as $180 per year. A savings of $720.00.

                      As you have a support contract, you can email [email protected] and someone will help you with restoring your site.
                      Translations provided by Google.

                      Wayne Luke
                      The Rabid Badger - a vBulletin Cloud demonstration site.
                      vBulletin 5 API - Full / Mobile
                      Vote for your favorite feature requests and the bugs you want to see fixed.

                      Comment


                      • #12
                        Originally posted by Wayne Luke View Post
                        1. Log into the AdminCP.
                        2. First go to Settings -> Options -> User Banning Options.
                        3. Make sure your IP Address fragments are correct here. Having something like * will ban all IP Addresses. The best solution is to not use wildcards at all.
                        4. Next go to Usergroups -> Usergroup Manager.
                        5. Edit the Registered Usersgroup.
                        6. Make sure the Permission "This is NOT a banned usergroup" is set to YES.

                        If you have technical limitations in managing your own server, you should look into vBulletin Cloud. For a small monthly fee, we will manage your server for you. This includes all upgrades throughout the year. This year, we will have released 6 versions of vBulletin not counting security patches. If you had us perform those upgrades for you it would be almost $900. You can host your site on vBulletin Cloud for as little as $180 per year. A savings of $720.00.

                        As you have a support contract, you can email [email protected] and someone will help you with restoring your site.
                        Thanks Wayne
                        In the banning options setting that field is blank so there is no comma’s or asterisk, etc

                        and the other setting you mentioned is set to YES, yet I am still getting e mails from people registration ing tell me the are getting the banned message. Very frustrating.
                        Any other idea’s?

                        Comment


                        • #13
                          Are you moderating new users or validating email address? If so you'll want to verify that the Users Awaiting Email Confirmation and the Users Awaiting Moderation usergroups are not banned usergroups as well.
                          Translations provided by Google.

                          Wayne Luke
                          The Rabid Badger - a vBulletin Cloud demonstration site.
                          vBulletin 5 API - Full / Mobile
                          Vote for your favorite feature requests and the bugs you want to see fixed.

                          Comment

                          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                          Working...
                          X