Results 1 to 17 of 17
  1. #1
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Need help, PHPBB just got hacked
    Can anyone help here? My phpBB forum just got hacked by some punks. Can't even log in to admin area.

    Do they have my admin passwords?

    Can I just upload my database and files form my pc to the web server to get it back?

  2. #2
    ABW Ambassador Greg Rice's Avatar
    Join Date
    January 18th, 2005
    Location
    Ohio
    Posts
    4,889
    Ouch. Not familiar with phpBB but maybe your hosting company can reset the password? I hope your site/db is backed up. If so, maybe a restore if nothing else works.
    Greg Rice Affiliate Program Management
    www.gocmc.com info(AT)gocmc.com | 330-259-1223

    Join us! - MiNeeds.com | DiscountCandleShop/CheeseSupply | Feng Shui Plaza

  3. #3
    Internet Cowboy
    Join Date
    January 18th, 2005
    Posts
    4,662
    FTP down your Admin directory and re-configure it with new passwords etc. Make sure the Contrib and Install directories are deleted after installation. This is the most common route for hackers to get in to PHPBB.


  4. #4
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    ok, going to dump entire database and install the latest phpBB. So, here are a few qquestions:

    Do I:

    1. Drop tables from MySQL (I am using MySQLfront).
    2. Delete all files from forum folder on web server
    3. Upload and install latest phpBB on web server
    4. Use MySQLFront to upload entire backup of database to MySQL

    What should I be looking out for? I think I need to drop all tables before I upload backup .sql file right? Any help would be great. Can't even think straight now I am so mad....

  5. #5
    Affiliate/AM Moonlighter dflsports's Avatar
    Join Date
    January 17th, 2005
    Posts
    874
    I am no pro, but usually when I install a newer version, I delete the old one (backing up the database first) Then install the new version and use the admin panel to restore the database.

  6. #6
    Internet Cowboy
    Join Date
    January 18th, 2005
    Posts
    4,662
    I think you can load the latest version (which is muc more hacker proof) and point it to your existing database and you will not lose your database. It is the php files that they got in to, not your database.
    Of course, change all passwords.
    Upload the new version in a diffferent folder and configure it. If it recognizes the database, which it should, just clean out the old folder and dump the new version in there. It should be that simple. I hope it is. I know how much of a pain in the ass this can be.


  7. #7
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    dfl: yes, good idea. But unfortunately, the database was the one that got hacked. Luckily, i did a manual database backup this morning. Reloading it now. Once it's done, I will use phpBB's admin panel to backup the tables. Then, I can hopefully get the latest version to Restore the old tables.

    Unclescooter. Thanks for the words of encouragement. The hacker got in to at least the database. I trashed the entire DB and uploaded a backup and the hack file seem to have disappeared. I am not taking any chances, I will upload the new phpBB folder when all the back is done.

    Now, I hope I can get the new forum to recognize the old tables. Wish me luck!

    Man, did I mention I hate hackers?

  8. #8
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Good luck!

    Make sure there's no hack files hidden amongst the scripts, too
    There is no knowledge that is not power. ~Hemingway

  9. #9
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Thanks Leader. Uploaded all my local files too just in case. Now, I am looking for a paid forum. Hopefully, these will be more secure?

  10. #10
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Check your PMs...

    Like any software, paid forums occasionally get hacked or have vulnerabilities discovered (the publication of which then cause them to get hacked), but usually their makers come out with an upgrade that deals with the issue.

    But I would expect that the major ones would be quite a bit more likely to get their issues fixed quickly than free ones.
    There is no knowledge that is not power. ~Hemingway

  11. #11
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Thanks Leader.

    I am now looking at a paid forum. I agree, I think this will be best in the long run. Just hoping that the new forum can recognize my old database. I would have to lose all the posts and members...

    Thanks again for your encouragement. Just got a bit frustrated today.

  12. #12
    Chick with Brains Tracy's Avatar
    Join Date
    January 18th, 2005
    Location
    Polk County, Florida
    Posts
    1,877
    You might want to go to the phpBB Forum. That's where I've gone to solve problems with my forum, and they've been extremely helpful there. Searching the forum titled phpBB Support, you'll probably find where others have been hacked too and find that most of your questions have already been answered.

    They'll also give you some great ideas about improving your forum. For instance, it never dawned on me to add the Google Adsense at the bottom of all my pages, until I found the instructions on how to do it there.

    Also, I found the patch there to make sure google could index my forum pages.

  13. #13
    Member C.Whyte's Avatar
    Join Date
    August 2nd, 2005
    Location
    Santa Cruz, CA
    Posts
    68
    Google Adsense on PhPbb??? That's a first. I might have to look into that myself! Any other phpbb unknown marketing ideas out there? (or is that another thread?) At any rate, thanks Tracy for the idea!

  14. #14
    Chick with Brains Tracy's Avatar
    Join Date
    January 18th, 2005
    Location
    Polk County, Florida
    Posts
    1,877
    Actually, no I don't think it's a first since the instructions are dated November 2003. I bookmarked the page with the instructions, because every time they do an upgrade it wipes out the ads, and I have to go back in and add the code again:

    Basic info on how to place the adsense ads on a phpBB forum

  15. #15
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Thanks for the post Tracy. I implemented the session mod so google will inde the posts. I think it worked. Hey, do you have a link for the mod? I would like to keep it for my records.

    I am looking into a paid forum now. But would still like the link for my records. TIA!

  16. #16
    Chick with Brains Tracy's Avatar
    Join Date
    January 18th, 2005
    Location
    Polk County, Florida
    Posts
    1,877
    As a matter of fact, I do. It's another one that gets wiped out with each update:

    Modification for Google Bot

    Even though it's for Version 2.0.15, it also works with later versions.

  17. #17
    Newbie Affiliate Ian's Avatar
    Join Date
    January 18th, 2005
    Posts
    1,540
    Thanks Tracy, hope this works out well for you!

+ Reply to Thread

Similar Threads

  1. Is it Possible phpbb to Yabb
    By Packy in forum Midnight Cafe'
    Replies: 0
    Last Post: December 7th, 2007, 01:12 PM
  2. phpbb or vbulletin or ?
    By Zdig in forum Midnight Cafe'
    Replies: 12
    Last Post: December 22nd, 2006, 02:30 AM
  3. phpBB warning
    By Dynamoo in forum Midnight Cafe'
    Replies: 12
    Last Post: March 21st, 2006, 01:51 PM
  4. PHPBB Integration?
    By tenemag in forum Programming / Datafeeds / Tools
    Replies: 3
    Last Post: March 29th, 2005, 12:37 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •