The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Rescue O people, experts my database hacked

Discussion in 'General Discussion' started by superfla, Jun 10, 2007.

  1. superfla

    superfla Registered

    Joined:
    Jun 10, 2007
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Somebody knew password databases of my forum do not know how then enter and modify the forum style templates and add iframe codes. Among the actions of its currency, although that problem still:
    Initially I found phpshell uploaded on my site and I delete him , and I realized that there is no other phpshell .
    1- I have changed database password and ftp password .
    2 - I coded config file using zend
    3- I make chmod 751 for directory and 644 for files .

    I worked all these actions, however hacked on a daily basis.
    How come this hackers to my server ?
    How closed this issue?
    What is the log files, which would know from which all the details from entering the database . ?

    please help
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    What forum software are you using, phpbb?
     
  3. eNetHosts

    eNetHosts Well-Known Member

    Joined:
    Apr 21, 2007
    Messages:
    195
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    We can take a more in depth look into your forum security issue and server security if you want.

    Just pm us.
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    I'd be glad to lend you a helping hand with that and is actually my
    specific area of professional expertise ...

    Anyway though, I can both find out how the hackers are getting in and also tighten
    down security enough that they will NEVER make it back into your server!

    Just contact me via MSN or private message here for help.

    .
     
    #4 Spiral, Jun 10, 2007
    Last edited: Jun 10, 2007
  5. superfla

    superfla Registered

    Joined:
    Jun 10, 2007
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1

    vBulletin 3.6.7
     
  6. eNetHosts

    eNetHosts Well-Known Member

    Joined:
    Apr 21, 2007
    Messages:
    195
    Likes Received:
    0
    Trophy Points:
    16
    Have spoken to poster, issue is not a cPanel issue - they expressly emphasise that their server configuration is good.

    Recommended http://www.vbulletin.com/forum/ for any further queries in relation to this.

    ie. possible exploitation of vBulletin software.
     
  7. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    ROFL I very highly doubt that! :D

    I have reviewed thousands upon thousands of servers in my time and
    of all of those servers reviewed, the ones I have seen that could
    actually say their "configuration was good" are very few and
    could easily be counted on my fingers!

    This also includes reviewing servers for places that are supposed
    to be computer security specializing firms and even in those places,
    I very often find many things overlooked and wide gaping holes
    they didn't even consider.

    Anyway though, bottom line is they couldn't say their "server configuration is good"
    with any certainty unless a well experienced real security expert has gone through
    the server and reviewed it in detail with a fine tooth comb.
     
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:

    Great, good start. Now what about modules like flashchat, gallery or shoutbox, got those?

    I'm pretty safe in saying if there's an exploit on your forums software itself, the gents at VB already know about it since they deal with many 1000's of users each day. So my bets on a shoutbox or out of date flashchat maybe. You might also want to go over your permissions and disable any additional administrators you have. (BTW you should check your admin and mod logs in VB admin to see if there's any clues there as to what happened.)

    On a side note, it's best (IMHO) to look for solid advice from a professional when you have a serious problem like this. ie: cPanel support via helpdesk, VBulletin developers via members area and so on.

    No offense to anyone on the forums here but if you don't know someone you never let them on your server for anything. Ever. Even if you're in big trouble.

    This isn't a cPanel problem though. Good luck.
     
  9. eNetHosts

    eNetHosts Well-Known Member

    Joined:
    Apr 21, 2007
    Messages:
    195
    Likes Received:
    0
    Trophy Points:
    16
    For lack of arguments sake I forgot to mention I did completely challenge this but (someone) wasn't having any of it. Bottom line is there's more than likely something server side which is allowing the exploitation of the forum. As well as the fact vBulletin isn't 100% secure itself just coded as best as possible.

     
Loading...

Share This Page