Old Admin died and have no access...

bad5150 · May 23, 2014, 03:56:40 PM

...but I do have ftp access. I need to gain access to SMF 1.1.11 at hxxp:sdfreedomranch.org/forum [nonactive] . There has been emails sent to the webmaster of the main website that contain:

"There has been a problem with the database!
This is a notice email to let you know that SMF could not connect to the database, contact your host if this continues." ...

...so I ntk how to gain access to Admin and connect to the database. The owners of the website only want to consider a re-install as a last resort if possible and if not would prefer to retain all the old usernames, accounts, etc to be used with the re-install.

Please help.

Dragooon · May 23, 2014, 04:11:15 PM

Does the site itself work? Can you browse the forums etc?

kat · May 23, 2014, 04:37:31 PM

Try getting in touch with the host.

[email protected]

602-226-2389

bad5150 · May 23, 2014, 04:43:34 PM

I have FTP access. The main website (and therefore the forum) I have access to; but the index (login) page is only one that resolves for the forum. So I guess what I'm asking is how to re-establish ADMIN control from the server - side of the forum.

kat · May 23, 2014, 05:00:05 PM

If you get in touch with the host and explain what's happened, they might be able to switch the account to you, or something.

Dragooon · May 23, 2014, 05:20:14 PM

Quote from: bad5150 on May 23, 2014, 04:43:34 PM
I have FTP access. The main website (and therefore the forum) I have access to; but the index (login) page is only one that resolves for the forum. So I guess what I'm asking is how to re-establish ADMIN control from the server - side of the forum.

As an user, do you know what's your member ID? If not, can you tell me your username?

bad5150 · May 23, 2014, 06:04:09 PM

I never got approved as a USER. I need to become the Top-Level ADMIN or re-install the entire Forum; but don't want to lose the current users. I don't see how the Host (Server) has anything to do with SMF except for a connection to the database. Forget the database. I need control as the Top-Level ADMIN. The former Admin died and nobody connected with the website knows how to login anywhere to SMF. I have FTP access. I would think there would HAVE to be a way to access a clue. Settings_bak.php maybe?

Arantor · May 23, 2014, 06:04:55 PM

If you don't have access to the database, you can pretty much forget anything else.

Dragooon · May 23, 2014, 06:14:25 PM

Quote from: Arantor on May 23, 2014, 06:04:55 PM
If you don't have access to the database, you can pretty much forget anything else.

You can hack around Load.php to give a specific user access, which can then give himself full access and go on to backup the forum. Either that or I'm telling someone with stolen FTP access the way to hack a site

Arantor · May 23, 2014, 06:15:52 PM

In both cases you still need to have the database working, which means talking to the host to get that straightened out.

Dragooon · May 23, 2014, 06:19:57 PM

Quote from: Arantor on May 23, 2014, 06:15:52 PM
In both cases you still need to have the database working, which means talking to the host to get that straightened out.

Ah the post gave me an impression the user has a working SMF site

Illori · May 23, 2014, 07:37:17 PM

if the user has ftp access cant they install phpmyadmin and connect to the database and go from there?

Arantor · May 23, 2014, 07:40:05 PM

Well, that's kind of the problem. What database credentials would they use? The ones in Settings.php seem to be no good.

Illori · May 23, 2014, 07:46:25 PM

it sounded to me like that email gets sent sometimes but all the time.

Deaks · May 23, 2014, 08:00:55 PM

So you know I can access the forum ... so db is fine ... also you should contact host.

the host is http://www.ipower.com

BTW simply unless you have db access, or can access the Admins account (maybe the spouse of the deceased can help) it is quite hard to elevate yourself.

margarett · May 23, 2014, 09:24:00 PM

You were never approved as a user of said forum but you want to elevate yourself to top-level admin and you have FTP access but nothing else?

Don't take it personally if I find this a bit awkward...

Anyway, no database, no play

So you need to contact host and check what does it take to give you access
You can't even install a new forum...

Sir Osis of Liver · May 23, 2014, 10:30:03 PM

Database is ok, forum loads and works normally. Registration works, but requires admin approval.

Could probably hack in with ftp access, but I agree with Bruno - it stinks.

Arantor · May 23, 2014, 10:30:49 PM

There's no 'probably' about it. It's absolutely possible to 'hack' in even with just FTP access but the correct course of action is contacting the host.

Kindred · May 24, 2014, 10:56:14 PM

Especially since there is no need to hack anything if he can get access to the cpanel or other hosting manager,

If the person did actually die, then the host should have some sort of method for you to properly claim the site. Talk to them.

bad5150 · June 20, 2014, 10:58:38 AM

Ok. Finally...
(Dealing with a Board of Directors-slow to act-and a newbie SMF Admin too...)

This was what support for cPanel sent back that worked:

<--BEGIN-->

An alternative way to change the password is directly from your database. To do that, open your cPanel->Databases->phpMyAdmin->your SMF database->smf_members table. Locate your administrative user and click on its edit button (a small pencil icon). Find the "password" row and input the following string in place of the one that is already there:

449ed97bdef672c3aadc98dcdax63fe9d357f8f1

This will reset your password to xxxxxxx . You should then log in immediately and change your password to a more secure one.

<--END-->

...so easy even a newbie could do it. Thank all of you for your help.

If you have a link or know where a prior answer to the NEXT issue might be would appreciate proper direction:

<--BEGIN-->

I have been requested to Admin an old (SMF 1.1.11) Forum that was installed in 2010 and hardly ever used past 4 years since. There are over 39,000 members in the smf_members table now. Most (if not all) of the IP's came from AfriNIC, APNIC, LACNIC, and RIPE. I need to delete all of these (except myself & 3 GM's) and then Ban all IP's from every range but those specific to the USA/North America.

Maybe I can download smf_members table to delete the unwanted members, but is there an easier way to Ban all IP's in the ranges of AfriNIC, APNIC, LACNIC, and RIPE? Does the "Reject" option in approve automatically Ban the IP or is there a way to do that? There is @ 20+ new member requests a day and seems there should be some way to block most of the bad one's.

...also would anyone find the email addresses and IP's valuable as they might be able to be used somehow as a defense against hack attacks maybe? All these attempts were probably up to no good. Anybody want or knows about that please lmk...-Thanks!

Just to be safe I am rejecting all new members until issue resolved. If you want access please pm.

<--END-->

...and yes the old Admin died - and probably does stink by now! ~ RIP ~

Illori · June 20, 2014, 11:02:02 AM

putting in a hash like that for the password most likely will never work due to the way the hashing works.

also you should never delete users directly from the database.

Antechinus · June 20, 2014, 11:04:44 AM

He said the hash did work.

And you should be able to dump members straight from the db AFAIK. There will be some cleaning up to do afterwards, obviously, but it sounds like he's not too fussed.

If the thing has hardly ever been used, there shouldn't be much content. Might be easier to export the tables you want, install a fresh 1.1.19, then import the required data back in and leave all the crud behind. That way you'd only need to grab the details for 4 user accounts, and could drop the rest in one hit.

ETA: Come to think of it, if the place has hardly been used and was out of action for four years, more or less, why not just start a new one?

Illori · June 20, 2014, 11:14:25 AM

i dont see where he says that hashed password works, without clearing the salt i really doubt it will work.

it would be easier to create a new account and edit the db to make that user admin.

bad5150 · June 20, 2014, 11:18:39 AM

hashed password worked...

Antechinus · June 20, 2014, 06:35:15 PM

Ok, just did a quick test on my local test site. If the members you want to delete have no posts or PM's, there is absolutely no problem with deleting them straight from the db. Forum maintenance section of admin was perfectly happy afterwards.

Note that I haven't tested all the possible permutations of member stuff yet (this was just a quick look around).

Since the db is probably not very large (if the forum hasn't been used much) phpMyAdmin should be able to handle any required operations without hitting timeout problems.

Suggestion:

Start by emptying the error log. It probably has a lot of accumulated crud, and you wont want to keep it.

Copy the db content to a new db, then point the forum at that. Mass delete away to your heart's content. Easiest way would be to browse the members table, order them by group (which will put the admins and mods at top) then export the rows for admins and mods only (just use the quick export, not the custom options).

Once you have the required rows exported, check the SQL file to make sure it has the content you want. If it does, drop the entire members table in one fell swoop. Then, simply import your SQL file back into the db. It will re-create the members table with only the content you want.

If forum then explodes, you know it didn't work well, and you can simply point the forum back to the original db. If forum doesn't explode, go into forum maintenance section of admin and run all the basic maintenance tasks. See what happens.

Ninja ZX-10RR · June 20, 2014, 08:35:14 PM

As you have been all concerned about answering him how to do all of that (lol you probably missed that line) and no one ever considered he asked how to IP ban someone then I link you these even if I really need to make a guide about this:
http://www.simplemachines.org/community/index.php?topic=523720.0
http://www.simplemachines.org/community/index.php?topic=523925.0
http://www.simplemachines.org/community/index.php?topic=301568.msg3709524#msg3709524

Antechinus · June 20, 2014, 09:49:36 PM

Install custom questions mod, if sticking with 1.1.x. That helps a lot too. Not required if going to upgrade to 2.0.x.

http://custom.simplemachines.org/mods/index.php?mod=1516

And I can give him an .htacess file that will deal with a lot of miscreants from odd corners of the globe (mostly China and the former Soviet Union).

(and yes, I know globes don't actually have corners

)

Ninja ZX-10RR · June 20, 2014, 09:53:06 PM

I actually made a guide for it --> http://www.simplemachines.org/community/index.php?topic=524146.0 hopefully someone of the team will approve it

also because it took me more than an hour to figure out all the details xD

Antechinus · June 20, 2014, 10:18:09 PM

Good one.

Ninja ZX-10RR · June 20, 2014, 10:20:39 PM

Thank you

you are in it if you noticed

Antechinus · June 20, 2014, 11:12:06 PM

Man I'm like pathogenic bacteria. I'm in everything.

Ninja ZX-10RR · June 20, 2014, 11:15:04 PM

Ahahahahaahah shut up you are there just to look cool you are not helpful at all you are nobody

(jk)

Antechinus · June 20, 2014, 11:37:03 PM

Hey someone's gotta look cool.

Ninja ZX-10RR · June 20, 2014, 11:40:43 PM

Well I am trying to be funny in a sad situation topic

News:

Old Admin died and have no access...

kat

kat