SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Addict goma's Avatar
    Join Date
    Jan 2002
    Location
    smelly armpit of Asia
    Posts
    305
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PhpBB open to hacking?

    My phpbb messageboard says I have 77 members, which is correct. But when I checked the memberlist, there are only 31 listed, but the first page of this list had more than 31 members on it. What happended to the rest? When I checked the second page, it's blank. what's going on? And to think that I haven't backed up the database yet.

    There's one guy who registered before everything went bad. The name is simply "a" and his email address is bogus@hotmail.com.

    Am I being hacked?

    I posted this same problem in the phpbb community and no one has answered me yet..
    http://www.soapbox101.com

  2. #2
    Ex-SitePointer silver trophy
    iFroggy's Avatar
    Join Date
    Oct 2000
    Location
    Harbinger, NC, U.S.A.
    Posts
    4,126
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    What phpBB version were you using?

    (To answer the subject in the thread, most scripts are open to hacking in some regard.)

  3. #3
    SitePoint Addict goma's Avatar
    Join Date
    Jan 2002
    Location
    smelly armpit of Asia
    Posts
    305
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    phpBB 2.0.2

    this situation is really weird. I can't even remove that "a" member nor can the missing members log on to the board.
    http://www.soapbox101.com

  4. #4
    Ex-SitePointer silver trophy
    iFroggy's Avatar
    Join Date
    Oct 2000
    Location
    Harbinger, NC, U.S.A.
    Posts
    4,126
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Well, phpBB 2.0.3 is the newest release.

    Since you have yet to recieve help here, you may want to try my site, http://www.phpbbhacks.com/forums - I have a team of guys that will know a tad better than me.
    Last edited by iFroggy; Oct 23, 2002 at 12:06.

  5. #5
    SitePoint Addict goma's Avatar
    Join Date
    Jan 2002
    Location
    smelly armpit of Asia
    Posts
    305
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thanks iFroggy I'll post this same question there
    http://www.soapbox101.com

  6. #6
    Blissed off
    Join Date
    Feb 2001
    Posts
    422
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    First, upgrade to 2.03 ASAP.

    You might also want to use .htaccess to p/w protect the admin directory to also give you a second layer of defense.

    That being said, I haven't heard of any confirmed hacking cases with 2.03.

    Keep in mind if you're on a shared host, your forums will be vulnerable to hacking attempts from others on your shared host.

    This is normally done via telnet and pretty much all the major forums (phpBB, Invisionboard, vBulletin) suffer from this as it is a weakness in the server configuration, not the script.

  7. #7
    Non-Member
    Join Date
    Feb 2010
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thanks for the heads up folks


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •