Announcement

Collapse
No announcement yet.

someone trying to sabotage new forums?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Total666
    replied
    Originally posted by Floris View Post

    Yes , I have read that article before - but it does not mention the " includes" folder .. Total

    Leave a comment:


  • Floris
    replied
    Sticky: How To Make My Forums More Secure

    Leave a comment:


  • Total666
    replied
    Originally posted by Floris View Post
    You can't really. You would have to get access to the IP of that admin to match them up. Even if the ISP range is the same as the admin, it doesn't mean it is that person.

    Best thing to do here is to stop caring actually. Ignore this happens (but don't forget it) and just ban that user and ask the user where this happened to change his or her account.

    Why do I say that? Because a fight between two communities can backfire on yours and it simply is a waste of time. Focus on your members and the content they create. If the other site is not worth it according to you and your members, then why bother spending time on them? Exactly. Make the best out of your own forum and block the abusive IP serverwide so they have to get a new IP in order to try it again.

    Of course, seeing how you are important enough for them to screw with your site (if that's actually the case here..) then it is wise to secure your vB powered forum. Add .htaccess directory protection to your admincp/ modcp/ and includes/ directory. Get a hard to guess password for it, and also a different hard to guess pass for your staff members.

    Also, keep discussions OFF the forum about that other site. If someone on your site has an issue with that web site or their members,or whatever, .. take it to private or away from the public view. Because it will just provoke the other site to cause more harm or spend more time on being abusive.

    Good luck!
    Really good info in this post , I added the htaccess to the modcp / admincp / and the includes directory .. I did not see a prompt for the includes password yet , browsing the admin cp area .. Is this more for someone trying to hack into the includes directory on the server ?? Thanks
    Last edited by Total666; Sun 15th Apr '07, 12:12pm.

    Leave a comment:


  • Rick Grunwald
    replied
    Go to the vbulletin.org site and check out the "miserable users" hack
    http://www.vbulletin.org/forum/showt...ight=miserable

    Leave a comment:


  • Corgimom
    replied
    Thanks for the advice. Most of that we are already doing (i.e. not discussing the other site in the open forums and such). We'll just keep trucking and do our best to make sure they can't get in again. Thank you!

    Leave a comment:


  • Floris
    replied
    You can't really. You would have to get access to the IP of that admin to match them up. Even if the ISP range is the same as the admin, it doesn't mean it is that person.

    Best thing to do here is to stop caring actually. Ignore this happens (but don't forget it) and just ban that user and ask the user where this happened to change his or her account.

    Why do I say that? Because a fight between two communities can backfire on yours and it simply is a waste of time. Focus on your members and the content they create. If the other site is not worth it according to you and your members, then why bother spending time on them? Exactly. Make the best out of your own forum and block the abusive IP serverwide so they have to get a new IP in order to try it again.

    Of course, seeing how you are important enough for them to screw with your site (if that's actually the case here..) then it is wise to secure your vB powered forum. Add .htaccess directory protection to your admincp/ modcp/ and includes/ directory. Get a hard to guess password for it, and also a different hard to guess pass for your staff members.

    Also, keep discussions OFF the forum about that other site. If someone on your site has an issue with that web site or their members,or whatever, .. take it to private or away from the public view. Because it will just provoke the other site to cause more harm or spend more time on being abusive.

    Good luck!

    Leave a comment:


  • Corgimom
    started a topic someone trying to sabotage new forums?

    someone trying to sabotage new forums?

    We have just had our new forums up for about a week and the administrator at another, similar forum found out (we are thinking by reading PM's at his site) about our new site. (Notation here... we are NOT trying to steal "his" members, but there were several members that had already left his site due to being unhappy and wanted a new place to gather, hence why we started our forums.) This morning... someone tried to access a member's account, but maxed out their tries. That member got the IP address, and we matched it to another member who signed up 5 minutes after trying to hack her account. What we are curious about is if there is anyway to legally track this IP address, or the email that was used to sign up the account back to the person behind it. We want to know if this person is the admin at the other forums, or just another member. If we CAN find out who this person is, is there any action we can take (other than banning the account they signed up under which was already done). Thank you.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X