My forum (www.forumbiodiversity.com) got hacked sometime in April 2012 (or maybe it was May, can't remember exactly). I was running vBulletin 3.8.4 at the time, and so I upgraded to 3.8.7 patch level 1 or something like that, soon after the first hack. This didn't change much, and soon after, it was hacked again. And it's been going on like that from time to time. At first, it was quite innocent hacks, displaying some Islamic rants about Muhammed, Gaza/Palestine etc., but now, the hackers have been hijacking my site to redirect it to their ad sites. It's very annoying. I upgraded to vB4.2 pl 2/3 in August, but that hasn't changed much either. I then persuaded my webhost to switch to FreeBSD, but we couldn't get all the stuff required to run vBulletin on FreeBSD (it was mainly an issue with getting the right web hosting control panel on FreeBSD). During the attempted switch, my webhost removed the rootkit installed by the hacker. And also we switched to SFTP. This didn't help much either, although it did help temporarily. Now, the hacker has been inserting his rootkits again and doing his routine.
Anyway, according to my webhost, the security hole is from the vBulletin software, not GNU/Linux, because all GNU/Linux software is up to date and patched. I'm running on the latest stable vBulletin, so I'm suspecting the security hole could be in some of the plugins I have installed, but which one? I'm not sure.
So, help needed here, or else I'll do something drastic like switch to phpBB, Simple Machines or some other open source solution.
Thanks.
Anyway, according to my webhost, the security hole is from the vBulletin software, not GNU/Linux, because all GNU/Linux software is up to date and patched. I'm running on the latest stable vBulletin, so I'm suspecting the security hole could be in some of the plugins I have installed, but which one? I'm not sure.
So, help needed here, or else I'll do something drastic like switch to phpBB, Simple Machines or some other open source solution.
Thanks.
Comment