Announcement

Collapse
No announcement yet.

OMG My vBulletin Forum Hacked

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • OMG My vBulletin Forum Hacked

    I have just tried to log into my forum and found that it has been hacked.
    My password wasn't recognised, when I tried to get a new password sent my email was not recognised.
    So I logged into my host cPanel and checked the user database. I found that someone had changed the admin email and password.

    Anyone else had this? and are vBulletin aware of this major security floor ( i am running vBulletin® Version 3.8.3)

  • #2
    some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

    Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

    Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.

    Comment


    • #3
      Originally posted by sportsfi View Post
      some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

      Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

      Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.
      Like he said.

      You need to come up with a password that has around 8-16 characters that you can remember. Mix it up use letters with some numbers. Like say you live on maplestreet and your house is 3182 make your pass Maplestreet3182 Or something like that. I tend to stick with that or something close to that on forums i have a feeling i am a target to get hacked.

      Comment


      • #4
        http://www.pctools.com/guides/password/

        Comment


        • #5
          Also upgrade to the latest version of vbulletin. And ask your host to check their access logs as that will tell how the hackers got in your forum.

          Comment


          • #6
            Originally posted by sportsfi View Post
            some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

            Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

            Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.

            Nothing to do with vBulletin eh?
            So that's why we get updates like the one below then.....

            http://www.vbulletin.com/forum/showt...vel-1-Released

            Spoke to my host and they showed me that the hack was via my vBulletin database and entry was NOT from cPanel

            Comment


            • #7
              Originally posted by v7web View Post
              Nothing to do with vBulletin eh?
              So that's why we get updates like the one below then.....

              http://www.vbulletin.com/forum/showt...vel-1-Released

              Spoke to my host and they showed me that the hack was via my vBulletin database and entry was NOT from cPanel
              That was for vb 4.0.2 btw whereas you are using vb 3.8.3 which is an out dated version btw. It would be eset to upgrade your forum to the latest version, be that of the 4x branch or of 3x one.

              Comment


              • #8
                NVM Looks like you've migrated to mybb. xD
                Last edited by ChopSuey; Tue 23rd Feb '10, 3:11am.

                Comment

                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                Working...
                X