Jump to content

Site Hijack

Pendragon

By Pendragon
in Security Discussions

 Share

Recommended Posts

Pendragon Enthusiast

Pendragon

Posted
  • Author
Posted
I would open a Help Desk ticket.

 

While the support staff reads the forum from time to time the mods do not have access to the servers or your account info.

 

It looks like the database for my forums was taken over. If it happens again I will open a ticket before correcting the problem.

stevevan Grand Master

stevevan

Posted
Posted

Make sure you have the latest version of your forums. I noticed you are using version 2.2.6. The latest vBulletin out is 3.0.7 per their website.

Pendragon Enthusiast

Pendragon

Posted
  • Author
Posted

After looking through the logs, it looks like they used an exploit in that version. I've password protected the directory, so that should keep them from doing that again.

stevevan Grand Master

stevevan

Posted
Posted

While that may temporarily stop it, the best prevention is to keep things updated with the current software. There are usually exploit fixes that accompany the updates. Only so much can be done on the server side of things.

 

From their website:

The discovery of a potentially serious security hole has necessitated the release of vBulletin 3.0.7. All customers are strongly encouraged to take one of the actions described in this post.
Pendragon Enthusiast

Pendragon

Posted
  • Author
Posted
While that may temporarily stop it, the best prevention is to keep things updated with the current software.  There are usually exploit fixes that accompany the updates.  Only so much can be done on the server side of things.

 

From their website:

The discovery of a potentially serious security hole has necessitated the release of vBulletin 3.0.7. All customers are strongly encouraged to take one of the actions described in this post.

 

It's just wierd it never happened until now.. maybe my number just came up. who's knows.

 

The security hole they are talking about is email, when 3 came out, you could use the system to send email without being registered. Some boards even disabled the email system because of it. The 'fix' ended up breaking a lot of other things. I never upgraded, not good to jump on the latest version just because it's new. They always have as many bugs as they fix!

TCH-Bruce Grand Master

TCH-Bruce

Posted
Posted
It's just wierd it never happened until now.. maybe my number just came up. who's knows.

Makes sense to me. TotalChoice sites are googled more frequently than any other web host I've been with. So your site is probably more visible now. :angry:

Head Guru Grand Master

Head Guru

Posted
Posted

If your going to maintain scripts on your accounts, you MUST keep them current.

 

Google loves our IP space. This is a GREAT thing. But does lead to more traffic to your sites.

 

Bottom line is.

 

2.X.X VB is old and easily hacked.

 

 

Bill

Pendragon Enthusiast

Pendragon

Posted
  • Author
Posted
It's just wierd it never happened until now.. maybe my number just came up. who's knows.

Makes sense to me. TotalChoice sites are googled more frequently than any other web host I've been with. So your site is probably more visible now. :clapping:

 

Nah, my site always got indexed regularlly by numerous engines. In fact, the link that seems to have started it all came from a yahoo search.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...