Page 1 of 1
Hacking attempts...
Posted:
Mon Aug 28, 2006 5:36 amAuthor: sanji
Everybody here noticed that many forum using Integramod have been attacked recently, and several members lost their site.
When checking my own ACP, I was astonished to see that many visitors came on my forum after searching the following in google or msn:
- /search?q=Powered+by+KisMod
- /search?q=+%22Powered+by+integramod
- /results.aspx?q=Powered+by+IntegraMOD
More than 20 just for the last 24 hours!
Which gave me an idea that I can unfortunately not implement by myself: what about automatically baning visitors that reach our forum while searching those keywords?
This could be a very efficient way to limit the risk of an attack...
Any comment welcomed.
sanji
Posted:
Mon Aug 28, 2006 4:05 pmAuthor: Michaelo
We have some think else planned for this that will remove the search result... <img>
Re: Hacking attempts...
Posted:
Tue Aug 29, 2006 5:41 amAuthor: BMD
I have been hit 4 times in as many days.
I had my site backed up so I have not lost any data, but it is a pain to spend time reconstructing the site each time.
I have stripped the integramod folders and started clean... I have started with a fresh DL from here..... I have changed passwords (different for FTP, MySQL, my host account and my admin account....
nothing matters...they still get in.
I am going to try starting with phpbb2.0.21 and add work from there.
Is there a version of IM that has the 2.0.21 already incorporated?
Posted:
Tue Aug 29, 2006 6:03 amAuthor: Michaelo
We are working on a phpBB to IntegraMod 1.4.0 update which includes 2.0.21 and security updates... More later.
In the mean time check the security forum (second post) for latest updates... these must be instaled!
Mike
Posted:
Tue Aug 29, 2006 6:40 amAuthor: jwernerny
"BMD";p="14454" wrote:I have stripped the integramod folders and started clean... I have started with a fresh DL from here..... I have changed passwords (different for FTP, MySQL, my host account and my admin account....
nothing matters...they still get in.
The hacking script, c99 shell, also has the ability to cross-infect on a shared server. The best defence against this kind of attack is to change your folder names. Simply changing the root of the forum from "..../forum" to "..../<another_name>" will be a big help. You can redirect web access to the new folders using your .htaccess file.
- John
Re: Hacking attempts...
Posted:
Tue Aug 29, 2006 7:11 amAuthor: BMD
Hi John
Already tried using other folder names.
Also use mixed characters in passwords... alpha (upper and lower case) and numeric.
Thanks though for the suggestion.
I also am working on image links to replace the text in the overall footer.
with names that have nothing to do with phpBB ot IM to stopgap the search till his can be ironed out.
Posted:
Tue Aug 29, 2006 7:55 amAuthor: Michaelo
BMD, Helter has already finished this details later...