Jump to content
Honeymoon

Phpbb Account Hacked

Recommended Posts

I host a phpBB forum on my site and recently someone accessed the account of one of my members without permission. The IP was logged by phpBB and also by my site logs from TCH.

 

It seems a password was guessed or hacked. Obviously I am unhappy about this. Can I take any action against the person responsible?

Share this post


Link to post
Share on other sites

welcome to the forum Honeymoon :)

 

It depends if you can find out who they really are. for example if that is their real IP address, and where in the world they are.

 

Number one priority, to be honest, is to ensure your scripts are fully uptodate, and passwords secure.

Share this post


Link to post
Share on other sites
welcome to the forum Honeymoon :)

 

It depends if you can find out who they really are. for example if that is their real IP address, and where in the world they are.

 

Number one priority, to be honest, is to ensure your scripts are fully uptodate, and passwords secure.

 

Thanks for the welcome Andy. I totally agree regarding the number one priority. My own passwords etc are secure and I have advised my forum members to have secure passwords. That is all I can do.

 

I have an IP which I believe to be real. It is a broadband provider in the UK, where I myself live, and unlikely to be a proxy. Private areas of the forum were accessed and private information from them was retrieved by the hacker.

Share this post


Link to post
Share on other sites

Since it's all in the UK you could potentially do something - yes.

 

You can contact the police, computer crime unit, who deal with hacking.

Share this post


Link to post
Share on other sites
Since it's all in the UK you could potentially do something - yes.

 

You can contact the police, computer crime unit, who deal with hacking.

 

Thanks again Andy.

 

And thanks to Bruce for the welcome.

Share this post


Link to post
Share on other sites

And just to reiterate...aside from making sure passwords are secure, you really need to keep up with any updates to phpbb as soon as they are released. phpbb seems to be a common target for hacks. I believe that when you log in as admin on phpbb, it will tell you if there are any updates available at the bottom of the page.

 

Good luck getting to the bottom of this.

Share this post


Link to post
Share on other sites
Damn brits!

:)

just be thankful we are this side the pond and not that ;)

Share this post


Link to post
Share on other sites

;)

 

Want to Give a Big Thank You To TCH-Andy :( We Were Hacked Through One of Our PHP Boards..in Fact They Hacked Three of Them!!!!! We Now Use The SMF provided in Fantisico.....

Share this post


Link to post
Share on other sites

Welcome to the forum, Smitty. :(

 

I´m glad to hear that your problems are solved. Let´s hope the hackers stays out now.

Share this post


Link to post
Share on other sites

Welcome to the forums Smitty :(

 

You're welcome ;) I really don't like hackers ;) keep the SMF uptodate at the recent version and you should be fine though :)

Share this post


Link to post
Share on other sites

SMF, like a lot of big forum scripts, limits the amount of failed log ins an IP can make before banning them. I believe phpBB 3 (Olympus) has this feature but is still at RC1. Most now also let you set a security level on the password they put in to make sure they are secure.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×