Honeymoon Posted March 31, 2007 Posted March 31, 2007 I host a phpBB forum on my site and recently someone accessed the account of one of my members without permission. The IP was logged by phpBB and also by my site logs from TCH. It seems a password was guessed or hacked. Obviously I am unhappy about this. Can I take any action against the person responsible? Quote
TCH-Andy Posted March 31, 2007 Posted March 31, 2007 welcome to the forum Honeymoon It depends if you can find out who they really are. for example if that is their real IP address, and where in the world they are. Number one priority, to be honest, is to ensure your scripts are fully uptodate, and passwords secure. Quote
Honeymoon Posted March 31, 2007 Author Posted March 31, 2007 welcome to the forum Honeymoon It depends if you can find out who they really are. for example if that is their real IP address, and where in the world they are. Number one priority, to be honest, is to ensure your scripts are fully uptodate, and passwords secure. Thanks for the welcome Andy. I totally agree regarding the number one priority. My own passwords etc are secure and I have advised my forum members to have secure passwords. That is all I can do. I have an IP which I believe to be real. It is a broadband provider in the UK, where I myself live, and unlikely to be a proxy. Private areas of the forum were accessed and private information from them was retrieved by the hacker. Quote
TCH-Andy Posted March 31, 2007 Posted March 31, 2007 Since it's all in the UK you could potentially do something - yes. You can contact the police, computer crime unit, who deal with hacking. Quote
Honeymoon Posted March 31, 2007 Author Posted March 31, 2007 Since it's all in the UK you could potentially do something - yes. You can contact the police, computer crime unit, who deal with hacking. Thanks again Andy. And thanks to Bruce for the welcome. Quote
nortk Posted April 1, 2007 Posted April 1, 2007 And just to reiterate...aside from making sure passwords are secure, you really need to keep up with any updates to phpbb as soon as they are released. phpbb seems to be a common target for hacks. I believe that when you log in as admin on phpbb, it will tell you if there are any updates available at the bottom of the page. Good luck getting to the bottom of this. Quote
TCH-Andy Posted April 1, 2007 Posted April 1, 2007 Damn brits! just be thankful we are this side the pond and not that Quote
Smitty Posted June 19, 2007 Posted June 19, 2007 Want to Give a Big Thank You To TCH-Andy We Were Hacked Through One of Our PHP Boards..in Fact They Hacked Three of Them!!!!! We Now Use The SMF provided in Fantisico..... Quote
TCH-Thomas Posted June 19, 2007 Posted June 19, 2007 Welcome to the forum, Smitty. I´m glad to hear that your problems are solved. Let´s hope the hackers stays out now. Quote
TCH-Andy Posted June 19, 2007 Posted June 19, 2007 Welcome to the forums Smitty You're welcome I really don't like hackers keep the SMF uptodate at the recent version and you should be fine though Quote
TCH-Bruce Posted June 19, 2007 Posted June 19, 2007 Welcome to the forums Smitty Good job Andy! Quote
carbonize Posted June 20, 2007 Posted June 20, 2007 SMF, like a lot of big forum scripts, limits the amount of failed log ins an IP can make before banning them. I believe phpBB 3 (Olympus) has this feature but is still at RC1. Most now also let you set a security level on the password they put in to make sure they are secure. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.