As many of you will be aware, sites running phpBB have been dropping like flies over the past few days, due to a vulnerability in older versions of phpBB.
BBC news article
While vBulletin itself is not vulnerable to attack, if your vBulletin is installed on a shared server that also hosts vulnerable phpBB boards, you could find that your board suffers collateral damage from the phpBB attacks.
If the phpBB vulnerability is attacked, it will attempt to replace every .htm, .php and .asp file with a defaced version.
If your vBulletin could possibly be installed on a server also hosting vulnerable phpBB boards, we would recommend that you take a few moments to ensure that your script files are not globally writable.
On a unix/linux server, this would involve using 'chmod' to alter the file permissions for all .php, .htm and .asp files to 644.
File permissions can be set via most FTP clients, or if you have SSH access to your server, you can use the following commands:
BBC news article
While vBulletin itself is not vulnerable to attack, if your vBulletin is installed on a shared server that also hosts vulnerable phpBB boards, you could find that your board suffers collateral damage from the phpBB attacks.
If the phpBB vulnerability is attacked, it will attempt to replace every .htm, .php and .asp file with a defaced version.
If your vBulletin could possibly be installed on a server also hosting vulnerable phpBB boards, we would recommend that you take a few moments to ensure that your script files are not globally writable.
On a unix/linux server, this would involve using 'chmod' to alter the file permissions for all .php, .htm and .asp files to 644.
File permissions can be set via most FTP clients, or if you have SSH access to your server, you can use the following commands:
Code:
cd [i]/path/to/your/vbulletin[/i] chmod -R 644 *.php chmod -R 644 *.htm chmod -R 644 *.asp