gkgcpanel

Well-Known Member
Jun 6, 2007
214
1
166
cPanel Access Level
DataCenter Provider
We have had 3 sites that were all hacked within the last 2 sites. No other sites are effected. All 3 of these were running some version of vBulletin.

We did restore the sites from backup, and within hours they were hacked again.

We can find no point of entry directly to the server. These 3 sites are the only ones running vBulletin at this time.

I can find no mention of any security issues with vBulletin, but it's the only common link for all 3 sites.

Anyone run into this before? Should be stop allowing vBulletin scripts all together..?
 

Voltar

Well-Known Member
Apr 30, 2007
267
0
168
Bakersfield, California
Were you using the latest version of vBulletin? Or at the very least apply the security fixes? Are the boards heavily modded, and if so, were all the mods updated? Are you using any PHP security features like open_basedir and/or suPHP?

More importantly, have you determined how the sites were hacked in the first place so you can close up the security hole?
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,217
4
193
Minneapolis, MN
I can find no mention of any security issues with vBulletin, but it's the only common link for all 3 sites.

Anyone run into this before? Should be stop allowing vBulletin scripts all together..?
vBulliten can be hacked very easily regardless of security features enabled on your server. This article explains what you need to do to secure vBulliten: http://servertune.com/kbase/entry/339/

Although nothing in the cyberspace is "bullet proof", but what's in the article should help stop the bad guys.
 

EJeanmaire

Member
Mar 26, 2007
5
0
151
From my experience over the years, all of the off the shelf php scripts... (vBulletin, phpBB, phpnuke, etc etc) are targets for exploiters. If your version is out of date, you are an easy target. If you are on the current version, you still have some risk as the vendors can be slow to release patches. IMHO stay away unless you are diligent on upgrading.
 

Silver_2000

Well-Known Member
Mar 31, 2002
337
1
318
From my experience over the years, all of the off the shelf php scripts... (vBulletin, phpBB, phpnuke, etc etc) are targets for exploiters. If your version is out of date, you are an easy target. If you are on the current version, you still have some risk as the vendors can be slow to release patches. IMHO stay away unless you are diligent on upgrading.
BY off the shelf PHP scripts you would include Cpanel right ?
The issues with VBulletin are MUCH different from issues with Phpbb and others. If your server is setup securely and software is relatively recent most if not all of the exploits can be avoided.

Id be willing to bet the VB installs are really old. Its asking for trouble to not keep software updated