Announcement

Collapse
No announcement yet.

My vBulletin 3.0.3 Was Hacked

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • My vBulletin 3.0.3 Was Hacked

    Well it took someone about 10 hours to hack my site. Never had this issue till I went to 3.0.3 yesterday so I'm wondering if there is a hole in the code somewhere?

    The user gained Admin Access to my site

    I was lucky he just posted some crap and didn't destroy the site but this does make me very worried.

  • #2
    You should keep FTP turned off IMO. Just activate it when you want to make a transfer. And you do use SSH for your terminal I/O, right?

    Comment


    • #3
      I use SSH when needing to do something in Terminal but I do use FTP a lot so disabling would be a pain in the *$# I am just worried cause I have had the same setup for awhile and no problems till after 3.0.3

      Originally posted by Dennis Olson
      You should keep FTP turned off IMO. Just activate it when you want to make a transfer. And you do use SSH for your terminal I/O, right?

      Comment


      • #4
        Theoretically, a hacker needs FTP access to your server. I have my FTP start/stop setup as a script that I run as root. I jump on, turn on FTP, do my thing, and turn it back off. A bit of a pain yes, but what price security, you know...?

        Comment


        • #5
          so...did they hack your vbulletin?, or did they hack your server? Big difference.

          Comment


          • #6
            Only hacked vbulletin not my site.

            Originally posted by decostop
            so...did they hack your vbulletin?, or did they hack your server? Big difference.

            Comment


            • #7
              How would someone hack vB? I can't fathom that. Only by uploading something to your server can it be acted upon.

              ???

              Comment


              • #8
                There are no known security issues with vB 3.0.3.

                Without knowing how you are being hacked it's difficult to stop it. For instance if your server is being compromised then there is nothing in vB that will stop a hacker from taking over.
                Here's some things you can do to increase the level of security for your forums:

                1. Upgrade to the latest version.
                2. Do not install any hacks
                3. Password protect your Admin and Mod CPs: http://www.javascriptkit.com/howto/htaccess.shtml
                4. Make sure the getadmin.php (vB2) or tools.php (vB3) file is NOWHERE on your website
                5. If you have phpMyAdmin make sure it's password protected.
                6. Inform your host of these hack attempts and ask them to check the logs to see when your account was accessed.
                7. Also ask your host to change the login password for your account
                8. Change all your Admin and Mod passwords.

                Note your forums are only as secure as the passwords you use and the server it is on. If the server is accessed then there's nothing vB can do to prevent potential security violations.
                Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                Change CKEditor Colors to Match Style (for 4.1.4 and above)

                Steve Machol Photography


                Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                Comment


                • #9
                  Originally posted by ryanhulce

                  I use SSH when needing to do something in Terminal but I do use FTP a lot so disabling would be a pain in the *$# I am just worried cause I have had the same setup for awhile and no problems till after 3.0.3

                  In addition to Steve's list, there's something else you can do - which would offer a compromise for your FTP issues.

                  Speak with whomever is hosting your server and see if they can set up the FTP Server to allow Secure FTP connections. If they can, it will reduce some of your vulnerabilities in that area, as your login credentials and data will not be sent in plaintext.
                  echo $ocean_signature;

                  ;)

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X