Announcement

Collapse
No announcement yet.

Got hacked after upraded to 3.6.7PL1

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Got hacked after upraded to 3.6.7PL1

    Hi all,

    My site get hacked after upgrade to version 3.6.7PL1, I took back control then 2 minutes later got hacked again ... they keep doing that like 10 times yesterday (06/08/07) Question is there any impact to sucurity from version 3.6.4 to version 3.6.7PL1 ? how do I trace which way they come in and hack the site.
    is there anyway I can go back to older version like 3.6.4 ?

    please help
    Same as last time but different

  • #2
    3.6.7PL1 is MORE secure than 3.6.4. Are you sure you upgraded correctly and have uploade all the 3.6.7PL1 files? Also are you running any add-ons?

    Please see this thread on how to make your vBulletin more secure:

    http://www.vbulletin.com/forum/showthread.php?t=172234

    If you are still being hacked after doing all of this, then they are most likely doing this by accessing your server. You need to contact your host about this.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment


    • #3
      I used only 2 add ons which are "members who is visited forum today" and the top 10 " X-stats"
      I did upload the .htaccess file and .htpasswd to my domain but everytime I access to the site. it keep asking user + passwd
      Same as last time but different

      Comment


      • #4
        That's exactly the point .. it adds an extra security layer to your board. Do not use the same user/pass as you do for the forums of course. And give each admin and super mod their own user/pass for the admincp and modcp.

        Comment


        • #5
          so your advice is make 2 user name for each admin. 1 can only access to admin w/ limited permissions and second one is can be login w/ superAdmin ?
          I did turn off the add-ons on my board .. will see if still get hacked
          Same as last time but different

          Comment


          • #6
            Have you ever updated the Top-X-Stats ?

            It had a big security hole in it that was discovered around August last year. I think a patched version was released.
            Baby, I was born this way

            Comment

            Loading...
            Working...
            X