The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

phpBB exploit

Discussion in 'General Discussion' started by EdRooney, Nov 29, 2004.

  1. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    I disabled wget with mod security but I am still getting hit with the phpbb exploit, what the easiest way to block it?
     
  2. jdonoso

    jdonoso Well-Known Member

    Joined:
    Nov 15, 2004
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    The Third Rock from The Sun!
    Why don't you upgrade?
     
    #2 jdonoso, Nov 29, 2004
    Last edited: Nov 29, 2004
  3. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    all 200,000 customers?
     
  4. jdonoso

    jdonoso Well-Known Member

    Joined:
    Nov 15, 2004
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    The Third Rock from The Sun!
    You can do a script to automate the process, or hire someone to do it for you. ;)
     
  5. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    Hello,

    With 200,000 customers I find it hard to believe that you need to come to the cPanel forums and ask for this kind of help :)

    You must have several systems admins that would be able to take care of this for you - 200,000 customers, thats ~ 200 servers with 1000 on each ? Are they all running phpbb?

    Best thing to do is contact your clients and ask them to upgrade their phpbb's and or block the accessess to certain files by adding the rules to mod security or simply adding a redirect to /dev/null for certain file names/urls.

    Good luck :)
     
  6. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    Sorry its 200,001 total
     
  7. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    How is it being exploited?
     
  8. fusioncroc

    fusioncroc Well-Known Member

    Joined:
    Sep 28, 2004
    Messages:
    261
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    U.K.
    how many server's do you have
     
  9. EdRooney

    EdRooney BANNED

    Joined:
    Oct 21, 2004
    Messages:
    166
    Likes Received:
    0
    Trophy Points:
    0
    500 servers
     
  10. jdonoso

    jdonoso Well-Known Member

    Joined:
    Nov 15, 2004
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    The Third Rock from The Sun!
    Respect.

    And yes, you SHOULD hire a programmer/sys admin to help you. :)

    Best,
     
  11. jester.ro

    jester.ro Well-Known Member
    PartnerNOC

    Joined:
    Feb 6, 2004
    Messages:
    304
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bucharest, Romania
    cPanel Access Level:
    DataCenter Provider
  12. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    How do you know your getting hit with the exploit?
     

Share This Page