My site was hacked...

My site, HacKed by : 3lo0osh al7rbi  )علوش الحربي was hacked...it's just the /forums though...I just took a database backup minutes before, and a file backup this morning...how can I fix it?

 

It looks like theyve deleted a lot of files.

Change all of your passwords etc FTP etc and scan your PC for keyloggers, viruses etc then redo your backup, there is a better guide here:

How To Make My Forums More Secure - vBulletin Community Forum

I would tell your host too so they can check it isnt due to their own problems etc and make sure you upgrade to the latest stable version of vb if your backup isnt it.

 

Thanks Sweeks, I deleted the entire /forums directory and am replacing the files in hopes that that might fix it.

 

Change your passwords to strong ones, preferably by a random password generator or the one in cpanel/WHM. I wouldnt advise keeping them the same as if they have had access to your passwords they can re-access and repeat their deletion etc

 

Thanks, I'll do that directly.

 

Also change database passwords too and edit those in your config.php again once done assuming this is a vbulletin installation.

 

Do you think he'll target me again?

 

It is possible if you dont secure yourself yes. Our teen forums were hacked a while back due to some problems with our host not being very secure, they deleted all of our forums and replaced our index with one of their crappy html pages as well as uploading about 50 copies of the same file with different names all over the directories which was used to CHMOD files, dirs etc, make sure you check for suspect files too.

 

Take it from someone who was hacked twice in the last six months - continuously change your passwords for access to your website, change the passwords for the database etc just to keep them guessing.

 

You can only be as secure as the host/server admin you're using.

1. Don't use a lot of modifications. Modifications typically don't go thru any quality coding checks or assurances they aren't full of security holes. Most people blindly install anything they think is cool making it a nightmare of possible entry points.

2. Use a different password for everything. Using the same password to access everything you own is just silly. Be sure to make it long and if you can remember it, it isn't good enough.

3. Make sure whatever software you are using is at the most up to date release. Most the time exploits are from running old software. (Including php, apache, mysql versions)

4. Don't restore any files from your filesystem from backups, unless they are unique files that can not be recovered elsewhere (IE attachments)

5. Audit your database for extra admins, and tables/rows/columns that shouldn't be there. Having anything other than standard tables for your software should be investigated and you should know what modification uses them.

There are a ton of other things you can do to make sure you're site is secure. Start with the ones above for now.

 

I posted this article a while back: Tutorial Recovering a Hacked vBulletin Forum - vBCodex

I hope it can be of some assistance.

 

I Had One Site Hacked. Didnt Mind Putting It Back Up.
I Just Thoght Of My GC And Its Up. Hope I Dont Get Hacked.
It Sucks Getting Hacked.

 

Good luck with the recovery process, Ben! It's no fun...

 

Id it was on a managed serve,r, then ask them for backups.

 

You helped us when we were hacked by this guy.

:headbang:


Getting hacked is the worst feeling in the world.

 

try to change your password and check your database..


_________________
Indianapolis seo

 

Ben, and you converted to mybb after your site was compromised? I would like to know the logic behind this.

It might not have been the forum software at all. There might have been an issue with the server. Have you been able to narrow down what happened?

 

Pat, Chris and I isolated the problem to the /forums directory. We tried to reupload the files, delete everything and try again, and it didn't work. The rest of the site was fine.