[NOTICE] How to secure your site against recent attacks

Started by jblazeofek, May 11, 2009, 08:05:23 AM

Kenny01

Quote from: squad on May 22, 2009, 11:54:20 AM
my forum is only for people from my country and would have nothing of
interest to any others.

What about your countryman living outside your country, does he also get banned?

alphacaveman

So does this mean that 1.x SMFs can't allow avatars to be uploaded ever?

Yahmez

Quote from: leesw on May 22, 2009, 05:48:44 PM
So does this mean that 1.x SMFs can't allow avatars to be uploaded ever?

1.1.8 = no avatar
1.1.9 = good to go  ;)

squad

Quote from: Kenny01 on May 22, 2009, 12:03:24 PM
Quote from: squad on May 22, 2009, 11:54:20 AM
my forum is only for people from my country and would have nothing of
interest to any others.
What about your countryman living outside your country, does he also get banned?

Well not necessarily, if they are travelling they can still log in.

What my forum is designed for you need to be living and a resident to participate
in the things on my forum. I specialise in promoting Competitions or Sweepstakes
as they are called in other countries. So it is pointless if you are living in any other
country to enter.

We have found it has saved heaps of trouble by requiring the use of IP email addresses,
especially in this drama of the last week or so :)

Akyhne

Quote from: squad on May 22, 2009, 11:54:20 AM
This has been very interesting reading. This person had tried to
get themselves registered on my forum, but fortunately I was lucky.

I saw quite a lot of forums now where he did register but no harm was done. So because he was in, doesn't necessarily mean you've been hacked.

Kenny01

He registers and comes back later to hack, so ban him fast before it's too late.

^SITS^

This is my first post here.  I am a mod on our forum but we have been given a number of admin functions to help with keeping the board up.

We were hit by this avatar attack by this Kristos person.  He was nuked.  We have upgraded our software to the newest version but we are still having problems with lost avatars and errors.

None of our template files seemed to have been updated with the new upgrade.   I wonder if this is part of the problem?

We thought the upgrade would solve it, but that didn't happen.  If someone would be so kind to point me towards the info that would help us fix this completely, I would really appreciate it. 

Kenny01

Go for the large upgrade http://download.simplemachines.org/ that will overwrite all the mess left behind and give you a healthy forum.

^SITS^

Quote from: Kenny01 on May 24, 2009, 10:11:56 AM
Go for the large upgrade http://download.simplemachines.org/ that will overwrite all the mess left behind and give you a healthy forum.

Thank you. :)


KensonPlays

(QUOTE FROM JBlaze on: May 11, 2009, 08:05:23 AM)


2) Ask your host if their servers/software are up to date

• Most hacks are effective when the host has outdated software such as old versions of PHP, Apache and MySQL for example.
• Don't be scared to ask your host if their side of security is up to date. It is their responsibility to help protect you as well.
• Check your host's versions of MySQL, PHP, Apache, etc. Make a file called phpinfo.php with the following content:

<?php
phpinfo();
?>

Place that file into your root directory and execute it by navigating to it directly.
Ex. http://www.mysite.com/phpinfo.php
(END QUOTE)

That is also a dangerous file, if another user, esp. a hacker can find that file, that is all he/she needs to hack into your site, it gives the correct information for it, JUST FYI EVERYONE!

Owner of Mesozoic Haven

Antechinus

No it doesn't. Assuming your server is set up properly it's no more dangerous than telling people what system you run for your desktop. 

busterone

...and as a follow up-  simply run phpinfo, and then delete it or rename it after you are through using it. No problem at all.

privategirls

I'm a little confused and not big on time to be able to spend hours reading to get info.  Can someone please give me a link to upload the bots to stop whoever is trying to register on the site from South Africa or Brazil, as each IP number is different and I have banned all the IP triggers as new ones come in.

I need to know
1)  what to upload

2)  where do I upload it. on SMF same place as index or in its own folder.

3)  does it just work once done that, or is there a simple manual that explains in simple language for people like me on what to do.  I like SMF because it is easy to control.

I also haven't updated mine yet as I'm worried I may not know how to do it and cancel out everything on the board.  Is there simple language for that also?
My forum is private and by approved registration only, so hope none of those IP have been able to get in.
thanks
Sery

KensonPlays

THIS SHOULD PROBABLY BE STICKIED, THIS IS HELPFUL AND IMPORTANT!

Owner of Mesozoic Haven

privategirls

I ended up doing the right thing and upgraded my forum and it came up as a major error,  changed all the permissions to 777 and still nothing, so ended up just uploading the real old forum I still had backed up and it came back and worked.  I knew there was a reason why I didn't want to upgrade, it stuffs up and even though I followed the information on uploading:
http://docs.simplemachines.org/index.php?topic=340

it didn't work for me.  sigh....  it sucks being an amateur!!!

KensonPlays

Quote from: busterone on May 26, 2009, 09:52:46 PM
...and as a follow up-  simply run phpinfo, and then delete it or rename it after you are through using it. No problem at all.

yeah, and that was the main thing, if they know about your phpinfo file, they, if they are good enough, can use it against you...

I always keep it on my local machine (phpinfo file) and put it onto the server to view the info, then erase it from the server..

Owner of Mesozoic Haven

JBlaze

Quote from: kcmartz on May 27, 2009, 11:19:58 AM
THIS SHOULD PROBABLY BE STICKIED, THIS IS HELPFUL AND IMPORTANT!

It was stickied.


As for phpinfo(), as Antechinus said, it is no more dangerous than just showing what your server runs. Even though a good hacker will inject a phpinfo file of his/her own...
Jason Clemons
Former Team Member 2009 - 2012
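
The clean-up step discussed in the posts above (run phpinfo, then delete the file) can be checked from a shell on the server. This is an added example, not part of the original thread or of SMF: it lists PHP files under a web root that still call phpinfo(), whatever they are named. The function name `find_phpinfo` and the sample directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: list PHP files under a web root that still call phpinfo().

# find_phpinfo DIR: print the path of every .php/.phtml/.inc file whose
# contents contain a phpinfo( call. Whitespace is stripped before matching,
# so a call split across lines ("phpinfo" then "();") is still caught, and
# the match is case-insensitive because PHP function names are.
# Calls inside comments are reported too; review each hit by hand.
find_phpinfo() {
    find "$1" -type f \( -name '*.php' -o -name '*.phtml' -o -name '*.inc' \) \
        -exec sh -c '
            for f do
                if tr -d "[:space:]" < "$f" | grep -qi "phpinfo("; then
                    printf "%s\n" "$f"
                fi
            done' sh {} +
}

# Constructed sample web root (not from the thread) to show the behaviour.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/forum/old"
printf '<?php\nphpinfo\n();\n?>\n' > "$demo_root/phpinfo.php"
printf '<?php echo "index"; ?>\n'  > "$demo_root/forum/index.php"
printf '<?php PhpInfo ( ); ?>\n'   > "$demo_root/forum/old/test.php"

echo "Files calling phpinfo() under $demo_root:"
find_phpinfo "$demo_root"
rm -rf "$demo_root"
```

Point it at the real document root (for example `find_phpinfo /path/to/public_html`) after any diagnostic session; a hit you did not create yourself is worth investigating.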

alphacaveman

Would someone please tell me the difference between reCaptcha and image verification? And is the new reCaptcha better than what SMF had a couple of years ago?

JBlaze

Quote from: leesw on May 28, 2009, 11:59:18 AM
Would someone please tell me the difference between reCaptcha and image verification? And is the new reCaptcha better than what SMF had a couple of years ago?

SMF uses images called "captcha" images to help prevent spam. They are simple, yet effective.

reCAPTCHA is a mod for SMF that increases the complexity of the captcha and makes it harder for spambots.
Jason Clemons
Former Team Member 2009 - 2012

Yahmez

Quote from: JBlaze on May 28, 2009, 01:14:33 PM
SMF uses images called "captcha" images to help prevent spam. They are simple, yet effective.

reCAPTCHA is a mod for SMF that increases the complexity of the captcha and makes it harder for spambots.

The thing with SMF's built-in captcha is that ALL of the images have the exact same letters. If a spammer realizes this then ALL SMF boards (with only built-in captcha) are compromised. I'm not sure why SMF made it this way....
EDIT: Oops!  I was wrong... seems to be showing variation now.