Announcement

Collapse
No announcement yet.

Can't Stop the Hacking

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Smartin
    replied
    Just to add something here...

    I am on Hostrocket, and am getting hacked every day. All I do is reload the database, and it's fine. But it's getting really frustrating, and I have folloed all advice that Steve and others have given me. I REALLY don't want to go through the hassle of changing hosts, but it may be the only answer.

    Leave a comment:


  • twonky
    replied
    HostRocket has been a very stable host for me, the few problems I've had have been taken care of quickly.

    This latest hacking thing just ticks me off. What's the purpose? My site had probably 30 users, of which 15 were posting semi-regularly. Hardly a wart on the internet's backside. But for some reason they felt like my site was hack worthy.

    I apologize to the vBulletin team if I offended anyone. My frustration level just maxed out over the weekend and I just needed to vent.

    I had my host move me to another server and, while I see the hackers IP addresses accessing the forums, it appears that the hackers are not able to do anything at the moment. But that doesn't calm my nerves any. Evertime I reload the forum I have a little heart attack before it loads correctly.

    Anyway, just a little rant/update on my goings on with HostRocket. They're still pretty good in my book.

    Leave a comment:


  • Mighty Mouse
    replied
    thanks for your continued support.

    Leave a comment:


  • Steve Machol
    replied
    We officially cannot recommend hosts but a number of customers have recommended hosts they are happy with in the the vBulletin Hosting Options forum:

    http://www.vbulletin.com/forum/forum...?s=&forumid=11

    Also checkout this site:

    http://www.webhostingtalk.com/

    Leave a comment:


  • Mighty Mouse
    replied
    About every ten minutes for me now, a new page..new names etc. Blah.

    Steve,

    Who would you recomend as a good host to use? I am done with them not addressing the issue so I am hunting for another host.

    Thanks.

    Leave a comment:


  • Mighty Mouse
    replied
    Originally posted by Steve Machol View Post
    I did help and advise. That was the point. *sigh*

    maybe I should have added the words "any further" to the end of that statement. You were very helpful in the begining....and I don't think anywhere I ever posted or any ticket I have ever submitted said that you were not helpful.

    Leave a comment:


  • Mighty Mouse
    replied
    ummm.....I know.

    You know what, nevermind. I thought that post was saying that you were helping, amidst the frustration and that I was not in anyway attacking him or VB. Nevermind. I guess every post I make looks offensive.

    Leave a comment:


  • Zachery
    replied
    He very clearly did help and advise solutions.

    Leave a comment:


  • Steve Machol
    replied
    Originally posted by Mighty Mouse View Post
    If you are not interested in helping/advising...then just say so,
    I did help and advise. That was the point. *sigh*

    Leave a comment:


  • Mighty Mouse
    replied
    Steve, I am really not trying to be an ass, but that was a very defensive post. Did my post come accross as offensive? I was simply stating my frustration and that hostrocket people are bieng dicks about it. Which is why I came back here to ask what exactly we can tell them.

    I'm sorry if you think I (we) are attacking you. You don't need to attempt to defend yourself everytime I post or send a ticket, I am simply seeking advice. Obviously the common denominator here is hostrocket. and I just may leave them, but for now I just want it to stop.

    If you are not interested in helping/advising...then just say so, I would respect that answer and leave you and VB alone on this matter. I am simply looking for advice, I am not here posting to bash you or the software.

    Leave a comment:


  • mikesz
    replied
    This looks like a system hack rather than a site hack...

    If you look at the page source, the hacker has included a <head> block inside the normal one that is generated by vB. It does not look like the hacker actually accessed the vb code but rather has figured out a way to insert a head block at run time which seems to make it a hosting problem. Other than the insertion of the head block, the vb codes appears to be intact.

    Correct me if I am wrong.

    regards, mikesz

    Leave a comment:


  • Steve Machol
    replied
    P.S. I looked at your ticket. The only way you could have been hacked the way you were is by someone manually changing the master templates directly in the database.

    I'm sorry you don't believe that, but I also worked very hard helping you and investigating the cause of this problem for you. I have absolutely nothing to gain by lying and if I thought this was through a possible hole in vB I would have immediately brought it to the attention of the developers.

    Leave a comment:


  • Steve Machol
    replied
    That depends on exactly what is being done. If files are being changed or the database manually altered, then this is something that can only happen at the server level.

    Also you are as ssecure from the vB end of things that you can be if you are running the latest version of vB and have followed all the suggestions here:

    http://www.vbulletin.com/forum/showthread.php?t=172234

    It would seem that if there were such an obvious exploit in the latest unmodified version of vB with all the recomnmended security measures in affect, then it would be happening to a lot more people than those on Hostrocket.

    There are absolutely no known or confirmed exploits in the latest version of vB. When these are known we fix them and provide patches within 24 hours.

    I and the Team work VERY hard on every reported hacking to (a) restore their forums and (b) ensure they are as secure as they can be. And I can tell you that in every instance I have dealt with, the hacking has been through either an older version of vB with known exploits, an unsecure add-on or change made to the code, or someone with direct access to that server and account.

    So if someone doesn't want to believe us and they don't believe we take security seriously then there is really nothing I can say that will change their minds.

    As for HR, I left them several years ago for a very good reason. Of course that was many years ago and things can change. That is all I will say about that.

    Leave a comment:


  • Mighty Mouse
    replied
    I have host rocket and am beign repeatedly attacked. The staff here has worked with me, but finally are giving me the "contact your host" response as well. I don't mean to be a turd about it, but it is frustrating to say the least. The host is pointing at vb and vb at the host. So we are stuck. I am hoping this recent upgrade will fix, but I am reluctant.

    Does the vb staff have any suggestions we can tell hostrocket? I simply don't know enough to argue with them, and I even forwarded your (vb's) ticket response to them, but still they point the finger at you.

    *frustrated*

    Leave a comment:


  • Zachery
    replied
    Actually there's been some talks about people being hacked via host rocket lately.

    Leave a comment:

Related Topics

Collapse

  • sudbury8
    My site is screwed
    by sudbury8
    I deleted the home in my forum manger and wiped out my whole forum manger everything was gone. I had back ups did a restore and it still does not work help please.

    Error is ( Invalid Page...
    Tue 3 Sep '13, 7:54pm
Working...
X