Uutiset:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu
Advertisement:

How to start with clean install, yet import old topics - caused by hacking

Aloittaja Intravue, huhtikuu 25, 2011, 04:47:50 IP

« edellinen - seuraava »
Tulosta
Siirry alas Sivuja1
Käyttäjän toimet

Intravue

huhtikuu 25, 2011, 04:47:50 IP
Hello all,

My forum has been hacked every week or two since last January.  At that time I was at version 1.1.11.

I updated to 1.1.12 but at the very end there was a problem reported in the upgrade.php, but the forum worked good enough.

When it is hacked, someone is adding many lines to the same set of files:

at public_html/forum:

news_readme.html
ssi_examples.shtml
SSI.php
ssi_examples.php
readme.html

at public_html/forum/sources:

Admin.php
Karma.php
Load.php
ManageNews.php
Subs-Auth.php
Themes.php
ViewQuery.php
Subs.php

Until a week ago, I just overwrote those files everytime the site was hacked and it would be good again.

Then I tried to upgrade to version 1.1.13 and now nothing works.

My backup using filezilla suffered from the tech note about binary files.

I am hoping there is a way to install 1.1.13 and then, using data from my downloads, find the 70 or so topics on my site and get them back up.  It doesn't look like the topics are in the mysql database.  I don't care about the users, they can all re-register.

Any insight would be appreciated.

Thanks !!!

Illori

#1
huhtikuu 25, 2011, 04:54:16 IP
have you changed your passwords for your hosting account as well as your database password? once that is done it should help to stop the attacks. do you have any other php apps on your server? if so make sure they are updated to latest versions. have you asked your host for access logs for your server so you can try to track down who is doing this?

Aleksi "Lex" Kilpinen

#3
toukokuu 03, 2011, 02:26:11 AP
Backup everything - Databases files etc. even though they don't work correctly right now.

Make sure you delete everything in your  /Themes and /Sources folders,  (This will remove all installed custom themes and languages, but they can be reinstalled later )
and try to make sure everything else on your server is clean of malicious code.

Then use the large upgrade package for 1.1.13 and upload everything in it to your server, over the existing installation - Make sure everything really gets uploaded and overwritten.
Then run the upgrade.php and if any errors come up - Please post the complete errors here.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF
Tulosta
Siirry ylös Sivuja1
Käyttäjän toimet
Advertisement: