Latest Announcemnent
New thread
Status
Not open for further replies.
B

barrix

Active Member
979
2011
158
0
pn2Xp.png


I have no idea what's going on? Site is not even public. Just for personal use.

can anyone help me :(
 
12 comments
Delete everything
Change all passwords

If you have logs its worth going through them see what they have been up to

Only upload scripts you trust nulled software leads to this because you dont know what the nullers put in it

You should be all good after that
 
I was just posting on forums. All the sudden, my site didn't work. I tried to use the ip address. thats what it lead to.

Changing all my password right now

I contacted my provider
Strange is that. My site is online again...
w
Thanks for advice.. I am no web guru. :( Just know how to install fwbb :) use it for private use.
 
Get the Site back by deleting everything and then PM me, I will tell u a person (at fiverr) who is a master in securing sites. Just contact him.
 
That Muslim guy who did hack your site just wants you to know that your site is not high level secured, avoid phpbb.
 
Hi Barrix, The group who hacked your website is from "Saudi Arabia". very active group in these days. You are using PhpBB ? its possible that you have a version that have exploit or SQL Injection. I m sure that you database is insecure now. try change all passwords/hashes of your User's included admin. and make sure to check your Admin list of forum. In my opinion you must do the following: Back all databases and then Remove all databases in VPS Scan whole server by roorkit and scan by ClamAV update VPS if you use old version of OS/Kernels check scripts files by downloading in your PC and scan them in multiple Antiviruses. Re-upload all the data after checking. Make sure you blocked all the ports that not are in use through CSF.
 
Thanks all for the feedback.
I am not a expert on website stuff. I spoke to my provider (friend). He said he's gonna sort it.
Backed up my stuff.
 
sorry for your loss

if you have backup files, restore them
change all passwords
delete install folder after the 1st installation
 
phpbb is a very secure, reliable and extremely popular forum type. It has no known vulnerabilities, and if any are detected, they are usually 0-day. Many global companies use phpbb. I can say without a shadow of a doubt that phpbb was not the cause of the problem.

The more likely cause was that you re-used passwords. If I use the same passwords everywhere, and one of those sites gets hacked, then I can reverse MD5 your password from the hacked database. Bingo, I can login everywhere you used that password. This is what happens to most people.

The second most likely cause is that you downloaded like the world is ending tomorrow, disregarding any safety precautions and clicking on .exe files as if you were on a slot machine. One or more of those .exe files contains a keylogger or cookie reader. This is the second most likely cause for being hacked.

Lastly, the third most likely cause for being hacked is disregarding the importance of folder permissions. Uploading a forum, ignoring which folders to chmod and which folders to move out of public_html.
 
Last edited:
Status
Not open for further replies.
Back
Top