[NOTICE] How to secure your site against recent attacks

Broken Arrow · May 17, 2009, 10:28:44 PM

Quote from: Ziggy on May 17, 2009, 09:46:26 AM

I would like to try registrating on a forum where both mods are installed.
Who has both mods installed (link)?

You can try mine Ziggy

the forum is http://www.brokenarrowspeacepipe.com/forum2/

JBlaze · May 17, 2009, 10:30:36 PM

Quote from: Yahmez on May 17, 2009, 09:56:36 PM
Funny how after I posted this I had a bunch of spammers try to register... Hmmmmmm

Most likely, you didn't notice that you had spammers registering until this mod brought it to your attention. That's the way it was for me.

Yahmez · May 17, 2009, 10:31:56 PM

Quote from: JBlaze™ on May 17, 2009, 10:30:36 PM
Quote from: Yahmez on May 17, 2009, 09:56:36 PM
Funny how after I posted this I had a bunch of spammers try to register... Hmmmmmm

Most likely, you didn't notice that you had spammers registering until this mod brought it to your attention. That's the way it was for me.

No I have had it installed for a month now and I found these recent visitors via geoip...

JBlaze · May 17, 2009, 10:34:32 PM

In any case, this mod is 100% percent safe, or I wouldn't have recommended it. Also, if it weren't safe, it wouldn't be on the mod site.

Yahmez · May 17, 2009, 11:07:30 PM

Quote from: JBlaze™ on May 17, 2009, 10:34:32 PM
In any case, this mod is 100% percent safe, or I wouldn't have recommended it. Also, if it weren't safe, it wouldn't be on the mod site.

Misunderstanding. The mods are great! I was wondering why I had a sudden surge after posting that I had those mods installed... That was all. No one actually made it through to get my disapproval so all's well!

_Ziggy_ · May 18, 2009, 02:32:29 AM

Quote from: Broken Arrow on May 17, 2009, 10:28:44 PM
Quote from: Ziggy on May 17, 2009, 09:46:26 AM

I would like to try registrating on a forum where both mods are installed.
Who has both mods installed (link)?

You can try mine Ziggy

the forum is http://www.brokenarrowspeacepipe.com/forum2/

Thanks Broken Arrow!

I have tried registrating, but there is an error:

QuoteFatal error: Call to undefined function recaptcha_check_answer() in /home2/broken/public_html/forum2/Sources/Register.php on line 184

myswag · May 18, 2009, 02:58:46 AM

Guys,

My forum has been one of many hacked. Is there away to repair the damaged avatars/attachments?

I have no experience in coding etc.

Cheers
Brett

Aleksi "Lex" Kilpinen · May 18, 2009, 03:14:05 AM

The easiest way would be to revert to a clean backup, and temporarily disable all uploads until a patch is released.

myswag · May 18, 2009, 02:48:47 PM

This is where I have been bad and haven't been doing regular back ups. I guess I learn the hard way...

Aleksi "Lex" Kilpinen · May 18, 2009, 02:53:14 PM

Then you pretty much should delete everything except your attachements, and settings.php and upload fresh files from an upgrade package to replace the infected files - and then manually check the settings.php and your latest avatars and attachments that they are ok...

wtmpp · May 18, 2009, 03:46:26 PM

Quote from: Yahmez on May 17, 2009, 11:07:30 PM
Quote from: JBlaze™ on May 17, 2009, 10:34:32 PM
In any case, this mod is 100% percent safe, or I wouldn't have recommended it. Also, if it weren't safe, it wouldn't be on the mod site.
Misunderstanding. The mods are great! I was wondering why I had a sudden surge after posting that I had those mods installed... That was all. No one actually made it through to get my disapproval so all's well!

It's a coincidence.
My site is relatively unknown and not really public, yet we've gotten 20 auto-banned applications today alone. There is always a spike in registration or drive by attempts whenever a new exploit shows up in SMF or PHPbb.

babjusi · May 18, 2009, 05:03:19 PM

Quote from: myswag on May 18, 2009, 02:48:47 PM
This is where I have been bad and haven't been doing regular back ups. I guess I learn the hard way...

When is your most recent db backup from before the hack?

Broken Arrow · May 18, 2009, 07:39:50 PM

Quote from: Ziggy on May 18, 2009, 02:32:29 AM
Quote from: Broken Arrow on May 17, 2009, 10:28:44 PM
Quote from: Ziggy on May 17, 2009, 09:46:26 AM

well Ziggy, I have no idea what that means

Too much security maybe? LOL

right now I am really confused as to what to do next. That hacker has codes all over other parts of my site besides the forum. It will take me a week to figure all this out

thanks for letting me know though

I would like to try registrating on a forum where both mods are installed.
Who has both mods installed (link)?

You can try mine Ziggy

the forum is http://www.brokenarrowspeacepipe.com/forum2/

Thanks Broken Arrow!

I have tried registrating, but there is an error:

QuoteFatal error: Call to undefined function recaptcha_check_answer() in /home2/broken/public_html/forum2/Sources/Register.php on line 184

Looks like the recaptcha thing messed up

Broken Arrow · May 18, 2009, 07:47:42 PM

I uninstalled that recaptcha thing and tried to register using another name using my business email address and now it's telling me I am spam and to report myself to myself

this is insane!

Broken Arrow · May 18, 2009, 07:59:04 PM

well it wasn't the recaptcha or stop spam thing. It was another mod I had installed called Stop Forum Spam

I have reinstalled the other two and can register now without it messing up. I have to approve all registrations though....so go ahead and try again Ziggy

Uhura! · May 18, 2009, 08:26:20 PM

Are You Human locked me out of my own forum - LOL!

JBlaze · May 18, 2009, 08:27:02 PM

Quote from: Uhura! on May 18, 2009, 08:26:20 PM
Are You Human locked me out of my own forum - LOL!

At least it works

Antechinus · May 18, 2009, 08:31:46 PM

Maybe she isn't human. How would we know?

JBlaze · May 18, 2009, 08:32:28 PM

Quote from: Antechinus on May 18, 2009, 08:31:46 PM
Maybe she isn't human. How would we know?

Thus the statement...

Quote from: JBlaze on May 18, 2009, 08:27:02 PM
At least it works

Uhura! · May 19, 2009, 08:28:48 AM

Good point - if it's locking homo sapiens out....that makes sense. I'm homo superior

News:

[NOTICE] How to secure your site against recent attacks

babjusi