Hello,
I'm using the latest version of vBulletin: vB 3.7.4 patch level 1.
I got hacked every time, I got this hack in 3.6 as well as 3.7!
The hacker connects to the template and changes the source of the template only.
- Is there any server security issue for it? If yes, what should I disable?
- How can I prevent this problem from happening again?
I found this hack, you can check for it ...
Also, I have found some discussion about changing the template name (spacer_open) to another name so the hacker can't know which template name is
Also, I'd like this to be fixed in all vBulletin versions, as many sites were hacked this way.
====
I found this thread:
but it doesn't help at all ..
And this is the response from the host admin:
===
Hello,
No, this is happening because of a vulnerability in your script, not because we enabled anything to allow this to happen. The script is vulnerable to attack
===
No, it is a vulnerability in your script. The hacker doesn't use FTP. Basically, your script is outdated and contains a security hole. The hacker exploited that hole and placed a php shell on the account. Once the php shell is on the account they can modify your files. You need to update to the latest version of the script in order to take advantage of the recent security changes.
Thank You,