Site hacked

**Lynne** · Thu 20 Sep '12, 8:06am

If you didn't install them, then delete them. They are not default vbulletin plugins. Also, please contact your host to let them know you were hacked and then you need to go through the access_logs from around the time of the hack and see how it was done.

**borbole** · Thu 20 Sep '12, 8:23am

Indeed. This is a type of hack that has hit quite a lot of vb forums recently. Your host should be able to help you to identify the point of entry and patch it up. It would also be better to do a scan of your server space and db.

What version of vb are you using? If you are not already using the latest version of the 3.8x series, it would be best to upgrade your forum a.s.a.p.

**Jon12345** · Fri 21 Sep '12, 5:54am

One thing I notice is that if I type in mysite.com/includes/ I get to see the directory listing of files. That can't be right. How does vbulletin normally get that hidden?

**borbole** · Fri 21 Sep '12, 5:59am

Originally posted by Jon12345

One thing I notice is that if I type in mysite.com/includes/ I get to see the directory listing of files. That can't be right. How does vbulletin normally get that hidden?

It shouldn''t be shown. Maybe you can open a ticket at your client center, providing you qualify for that, so one of the vb staff can have a deeper look into this.

**Jon12345** · Fri 21 Sep '12, 6:29am

I mean do you think the htaccess file has been edited so that this is possible?

**Lynne** · Fri 21 Sep '12, 10:34am

Originally posted by Jon12345

One thing I notice is that if I type in mysite.com/includes/ I get to see the directory listing of files. That can't be right. How does vbulletin normally get that hidden?

There should be a blank index.html file in the /includes directory.

vBulletin 3 End of Life

Site hacked

Site hacked

Comment

Comment

Comment

Comment

Comment

Comment

Related Topics