In-My-Opinion.org

»How to protect your phpBB forum against hackers«






knn:
volonteshiva:
knn, as far as the IMO backup size goes, where is the 500 MB coming from?

Thanks for asking.
From the uploaded pictures mainly.

Now that just proves how stupid you truly are: your database does not hold your pictures; it only holds where those pictures belong. Your file system holds the pictures.

Hehehehe, the immature posts are coming straight from you, little boy knn. You are becoming so boring, I am going to have to find something else to entertain me. I guess this new build on a computer will keep me busy for a little while.

You see, it gets boring when children see the facts right in front of them yet twist and warp them to justify their need to be the victim in a situation when indeed they are the cause of their own vicious abuse! knn hurls insults at phpBB, then when confronted about his abusiveness he starts crying "attack, attack, waaaa waaaa, mommy, they are picking on me!"

posted by Just My Opinion
  


Where is the raving coming from?



Just My Opinion:
Now that just proves how stupid you truly are: your database does not hold your pictures; it only holds where those pictures belong. Your file system holds the pictures.

I never claimed that the database is 500 MB. Please reread my posts. But even if it were: the database alone is now 128 MB, and it WILL be 500 MB in the future.
Just My Opinion:
You see, it gets boring when children see the facts right in front of them yet twist and warp them to justify their need to be the victim in a situation when indeed they are the cause of their own vicious abuse! knn hurls insults at phpBB, then when confronted about his abusiveness he starts crying "attack, attack, waaaa waaaa, mommy, they are picking on me!"

I cannot see any of my posts that fit your descriptions. In fact, rereading YOUR posts proves that you seem to be accurately describing yourself. Throwing stones to hide your hands.

I never attacked you, yet you continue to insult. Maybe soon you will claim that knn and volonteshiva are also the same person.

I ask you to really reread ALL of my posts and tell me exactly where I attacked you. Where is your raving coming from?


posted by knn

Re: Tip 3: Prevent hackers from accessing your Admin Panel



knn:
TIP D: Delete the admin link at the bottom of each page. You can usually do this by editing "page_tail.php":
    • Open "includes/page_tail.php"
    • Replace

'ADMIN_LINK' => $admin_link

by

'ADMIN_LINK' => ''


Combined with the renaming of the "admin" folder (Tip B) it's an easy yet very effective measure.

OK. Here is a stupid question. How do I access the ACP without the admin link? I tried visiting:
but this only works if I am NOT logged in from that computer. If I am logged in, this method takes me to the Forum Index; then I must log out, try
and log in again.

Any easier way?

Thanks.


posted by jayray999
  

Re: Tip 6: No more Santy worms (%2527 vulnerability)



knn:
Prevent future cracks that abuse the 'preg_replace()' exploits = 'highlight' vulnerability = Santy worm

TIP: Search for

urldecode

or

rawurldecode

in your .php files. Usually there is NO REASON why anyone should use "urldecode" to decode user input. If you find "urldecode", then make sure it is used as part of a hacking prevention measure and not as the normal means to decode user input.

Are these lines safe?

$ grep -r -H 'urldecode' .

./forum/admin/admin_styles.php: $install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to'];

./forum/admin/admin_styles.php: $style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style'];

./forum/includes/functions.php: if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))

./forum/login.php: if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))

./forum/login.php: if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))

I am running a heavily modded 2.0.13. Luckily I could not find any instances of rawurldecode. Please help. What should I do if such references are insecure?


posted by jayray999
  

Version 2.0.14 of PHPBB is out



A new version (2.0.14) of PHPBB is out with about 20 minutes of modding required.
See:


posted by jayray999
  

Re: Tip 11: Encrypt config.php that contains clear text passw



jayray999:
I did exactly as you say and I get this error

Warning: Cannot modify header information - headers already sent by (output started at /home/.love/antonio/myforum.com/forum/config.php:21) in /home/.love/antonio/myforum.com/forum/includes/sessions.php on line 200

etc.

OK. This now works perfectly. For others who wish to profit from my experience: you must do the steps in the correct sequence or this will not work:

1. Back up your old config.php (this saved me some headaches since I did not have my new database password written anywhere else!).
2. Copy a.php and secureconfig.php to the folder where your forum resides.
3. Make a.php world-writable (chmod 666 a.php).
4. Type the path to secureconfig.php into a browser, e.g. yourforum.org/forum/secureconfig.php
5. This will generate a screen with detailed instructions on how to modify config.php.
6. Make these changes to config.php.
7. Delete secureconfig.php.
8. Try using your forum.
9. If it does not work you can always restore your old setup by restoring your old config.php from backup and deleting a.php.

At this stage I made the previous post. Then I went back to step 1 and tried again and everything worked.

Thanks knn and sorry for the posting blitz.


posted by jayray999
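The error quoted above, "headers already sent by (output started at .../config.php:21)", means that config.php itself sent bytes to the browser before phpBB could emit its session cookie header. In a hand-edited config.php the usual cause is text outside the PHP tags: a UTF-8 byte-order mark that the editor saved in front of `<?php`, or anything beyond the single newline PHP swallows after the closing `?>`. The following is an added example, not phpBB's code and not knn's secureconfig.php, that flags such bytes in a config.php and rewrites the file without them. The function names `stray_output` and `fix_stray_output` and the sample file contents are constructed for this illustration; it does not try to parse `?>` sequences that sit inside PHP string literals.

```python
"""Find and remove bytes in a config.php that PHP would send as output.

Added example (not phpBB code). Assumptions: a pure-PHP file that should
emit nothing; a '?>' inside a PHP string literal is not special-cased.
"""

BOM = b"\xef\xbb\xbf"  # UTF-8 byte-order mark some editors prepend


def stray_output(src: bytes) -> list:
    """Return a list of findings (strings) describing bytes PHP would emit as
    page output before the script's first header() call.
    An empty list means the file is clean."""
    findings = []
    if src.startswith(BOM):
        findings.append("UTF-8 byte-order mark before <?php (line 1)")
        src = src[len(BOM):]
    open_at = src.find(b"<?php")
    if open_at < 0:
        findings.append("no <?php opening tag; the whole file is output")
        return findings
    if open_at > 0:
        # Even a single blank line before <?php is sent to the client.
        findings.append("%d byte(s) of text before <?php (line 1)" % open_at)
    close_at = src.rfind(b"?>")
    if close_at > open_at:
        tail = src[close_at + 2:]
        # PHP swallows exactly one newline directly after ?>; anything else
        # (a second blank line, trailing spaces, stray HTML) is output.
        for newline in (b"\r\n", b"\n"):
            if tail.startswith(newline):
                tail = tail[len(newline):]
                break
        if tail:
            first = len(src) - len(tail)          # offset of first stray byte
            line = src.count(b"\n", 0, first) + 1  # its 1-based line number
            findings.append("%d byte(s) of output after closing ?> (line %d)"
                            % (len(tail), line))
    return findings


def fix_stray_output(src: bytes) -> bytes:
    """Rewrite the file so it emits nothing: drop a BOM and any text before
    <?php, and drop the closing ?> together with whatever follows it.
    Omitting the closing tag entirely in a pure-PHP file is the usual fix."""
    if src.startswith(BOM):
        src = src[len(BOM):]
    open_at = src.find(b"<?php")
    if open_at < 0:
        return src  # not a PHP file; nothing sensible to do
    if open_at > 0:
        src = src[open_at:]
    close_at = src.rfind(b"?>")
    if close_at > open_at:
        src = src[:close_at].rstrip(b" \t\r\n") + b"\n"
    return src


if __name__ == "__main__":
    # Constructed sample: BOM in front, two newlines and spaces after ?>.
    broken = b"\xef\xbb\xbf<?php\n$dbhost = 'localhost';\n$dbname = 'forum';\n?>\n\n  "
    for finding in stray_output(broken):
        print("config.php:", finding)
    print(fix_stray_output(broken).decode())
```

To use it on a real file, read config.php in binary mode, run `stray_output` on the bytes, and only write back the result of `fix_stray_output` once you have a backup, as step 1 of the list above already insists.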
  

Re: Tip 11: Encrypt config.php that contains clear text passw


Hi,

A couple of days back someone hacked my website forum and directly challenged me: he would delete my website if I didn't pay him $40. I said forget about it. Then he changed all the posts in the forum. I was using phpBB 2.0.10, so I decided to upgrade to the latest 2.0.14 and then applied all the procedures you mentioned. Oh my god, once again he got the admin password and altered postings made by me. By chance, is there any way this guy is accessing the MySQL server? He is directly saying that next time he will delete my whole database if we don't pay him.

Can anybody help me with a solution on how to find out if there is any hole in our server or forums? Any help would be greatly appreciated.

Thanks

hg

posted by malneedi
  

Ask your ISP



malneedi:
Oh my god, once again he got the admin password and altered postings made by me. By chance, is there any way this guy is accessing the MySQL server?

Sure, if you grant access to the phpMyAdmin program (= access to your database) he can alter anything at will.

Also think of this: Maybe his hack is not phpBB related but php related, OR (as in the case of the phpbb.com hack) it is awstats related.

You have to make sure (ask your webspace provider) that you are using the latest versions with the newest patches.


posted by knn
  

HackPal



malneedi:
A couple of days back someone hacked my website forum and directly challenged me: he would delete my website if I didn't pay him $40.

How does he want you to pay him?


posted by knn
  

Re: HackPal


He asked me to send an e-mail, so I did; then he replied saying some forum user hot-linked to his music files at muzicmasti.com from my forum, so as revenge he hacked our website, and said that this time he is leaving but next time he would delete the whole database. I don't know what to do now, but the feeling that someone is using my admin user ID is killing me. I changed all the user IDs and passwords for FTP, the database and the forum. Still, last night he was able to get in and change my posts. Is it that easy to break into a phpBB forum? If it is, maybe I will switch to a paid one. Any advice will be greatly appreciated.

hg
knn:
malneedi:
A couple of days back someone hacked my website forum and directly challenged me: he would delete my website if I didn't pay him $40.

How does he want you to pay him?



posted by malneedi
  

Re: Tip 6: No more Santy worms (%2527 vulnerability)



jayray999:
knn:
Prevent future cracks that abuse the 'preg_replace()' exploits = 'highlight' vulnerability = Santy worm

TIP: Search for

urldecode

or

rawurldecode

in your .php files. Usually there is NO REASON why anyone should use "urldecode" to decode user input. If you find "urldecode", then make sure it is used as part of a hacking prevention measure and not as the normal means to decode user input.

Are these lines safe?

$ grep -r -H 'urldecode' .

./forum/admin/admin_styles.php: $install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to'];

./forum/admin/admin_styles.php: $style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style'];

./forum/includes/functions.php: if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))

./forum/login.php: if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))

./forum/login.php: if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))

I am running a heavily modded 2.0.13. Luckily I could not find any instances of rawurldecode. Please help. What should I do if such references are insecure?

Hi knn. Glad to see you are back. Can you please comment on this post of mine? What to do if such code exists? Also the recent hack report by Malneedi is REALLY scary. I did not know this was so easy.


posted by jayray999
  

What is your URL?



jayray999:
Also the recent hack rerport by Malneedi is REALLY scary. I did not know this was so easy.

It's not that easy. There must be some hole.

Since malneedi claims to have upgraded to 2.0.14, it's unlikely that a phpBB bug is being used. Also, if malneedi uses my mods the hacker should have a much harder time. Thus basically the only attack would be via a bug in a known phpBB mod, or via some non-phpBB issue.

Can you tell your forum URL? Or at least PM it to me?


posted by knn
  



Quote:
He asked me to send an e-mail, so I did; then he replied saying some forum user hot-linked to his music files at muzicmasti.com from my forum, so as revenge he hacked our website, and said that this time he is leaving but next time he would delete the whole database. I don't know what to do now, but the feeling that someone is using my admin user ID is killing me. I changed all the user IDs and passwords for FTP, the database and the forum. Still, last night he was able to get in and change my posts. Is it that easy to break into a phpBB forum? If it is, maybe I will switch to a paid one. Any advice will be greatly appreciated.

If he got into your forums, he HAS your passwords for your MySQL and forums... DID YOU CHANGE THOSE? Change those, then install security patches.


posted by Sippenhaft
  Rebellion is the only way to reform!



On a side note: Sites get hacked/defaced all of the time. In most cases it has nothing to do with phpBB. Thus there may be some other leak...

posted by knn
  



jayray999:
Are these lines safe?

• ./forum/admin/admin_styles.php: $install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to'];

That's safe since it's in the admin folder and no one has access to it except you.
• ./forum/admin/admin_styles.php: $style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style'];

The same reason.
• ./forum/includes/functions.php: if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
• ./forum/login.php: if (strstr(urldecode($re direct), "\n") || strstr(urldecode($redirect), "\r"))
• ./forum/login.php: if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))

This is part of an anti-hacking measure and thus should cause no problems.


posted by knn
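jayray999's question above asks whether the urldecode() calls his grep found are safe, and knn's verdict turns on where each call sits. As an added example (Python, not phpBB code; the function names and sample query values are constructed here, and `addslashes` is a Python imitation of PHP's function), this shows the difference in miniature. The web server already percent-decodes the query string once before the script sees it, so the %2527 vulnerability named in this tip is what happens when a script escapes that decoded value and then urldecode()s it again: a harmless `%27` turns back into a live quote after the escaping has run. The CRLF check from functions.php and login.php does the reverse, decoding before the check rather than after a sanitizer, which makes the check stronger, not weaker.

```python
"""Why urldecode() on request input matters: ordering relative to escaping.

Added example, not phpBB code. addslashes() below imitates PHP's function;
the query values are constructed for the demonstration.
"""
from urllib.parse import unquote


def addslashes(s: str) -> str:
    """Python imitation of PHP's addslashes(): backslash-escape quotes and
    backslashes, the escaping phpBB 2 applied to request variables."""
    return s.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def runtime_decode(raw_query_value: str) -> str:
    """The web server / PHP runtime percent-decodes the query string exactly
    once before the script sees it in $HTTP_GET_VARS. Nothing in the script
    should need to decode it again."""
    return unquote(raw_query_value)


def escape_then_urldecode(raw_query_value: str) -> str:
    """Vulnerable ordering (the %2527 pattern): the already-decoded, already-
    escaped value is passed through urldecode() a second time, so an encoded
    quote that addslashes() never saw turns into a real quote afterwards."""
    escaped = addslashes(runtime_decode(raw_query_value))
    return unquote(escaped)


def escape_without_urldecode(raw_query_value: str) -> str:
    """Hardened ordering: treat the runtime-decoded value as final and escape
    it. %2527 now yields the harmless literal text %27."""
    return addslashes(runtime_decode(raw_query_value))


def has_crlf_after_decode(redirect_target: str) -> bool:
    """The legitimate use seen in functions.php / login.php: decode *before*
    a check, so an encoded CR/LF (%0d%0a) cannot smuggle an extra header into
    a Location: redirect. Here decoding widens what the check catches."""
    decoded = unquote(redirect_target)
    return "\r" in decoded or "\n" in decoded


if __name__ == "__main__":
    # Constructed attacker input: a double-encoded single quote.
    for raw in ("%27", "%2527"):
        print("raw %-6s vulnerable -> %-4r hardened -> %r"
              % (raw, escape_then_urldecode(raw), escape_without_urldecode(raw)))
    # Constructed redirect targets: one clean, one carrying an encoded CRLF.
    for target in ("viewtopic.php?t=1", "viewtopic.php%0d%0aSet-Cookie: x=1"):
        print("%-40s crlf=%s" % (target, has_crlf_after_decode(target)))
```

When auditing a grep hit like the ones above, the question to ask of each call is therefore which side of the sanitizer it sits on: a urldecode() that feeds a check is defensive, a urldecode() applied to a value that was already escaped or validated reopens the door.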
  


