Web Wiz - Green Windows Web Hosting - Celebrating 25 Years!
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - My Forum was Hacked - Please Help
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

My Forum was Hacked - Please Help
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
caribbeanmed View Drop Down
Newbie
Newbie


Joined: 28 September 2005
Status: Offline
Points: 16 		Post Options Post Options   Thanks (0) Thanks(0)   Quote caribbeanmed Quote  Post ReplyReply Direct Link To This Post Topic: My Forum was Hacked - Please Help
    Posted: 29 September 2005 at 2:35pm

Hello

could you please see:

http://www.caribbeanmedicine.com/forum/

It has been hacked again (this is the 5th time)

I did what I was told by my host (1planhost.com) and made it so that people could not upload anything, yet it has still been hacked.

What should I do now?

Please help me here
 
Asad Raza
admin@caribbeanmedicine.com
 
Back to Top
dj air View Drop Down
Senior Member
Senior Member
Avatar

Joined: 05 April 2002
Location: United Kingdom
Status: Offline
Points: 3627 		Post Options Post Options   Thanks (0) Thanks(0)   Quote dj air Quote  Post ReplyReply Direct Link To This Post Posted: 29 September 2005 at 3:44pm
you should upgrade to V7.92, a lot of security holes and coding in general have changed and improved the board since then.
Back to Top
JJLatWebWiz View Drop Down
Groupie
Groupie
Avatar

Joined: 02 March 2005
Location: United States
Status: Offline
Points: 136 		Post Options Post Options   Thanks (0) Thanks(0)   Quote JJLatWebWiz Quote  Post ReplyReply Direct Link To This Post Posted: 29 September 2005 at 6:26pm

The next time you're hacked, put a screen capture on your site and link to it here so we can see what the hacker has done.  I don't see anything obviously wrong with your site.

I can tell you this, if the hacker has planted a hacking tool anywhere on the server hosting your site, he can view any file on your site, even if it's in a parent folder above the wwwroot.  And since the Access MDB for the forum must be in a folder that the anonymous IUSR account can read and write to, such a hacker can not be prevented from modifying the MDB.
 
Check your site for hacker-related files.  Check the WWF upload folders for files other than the permitted jpg, jpeg, gif, zip, and rar (and couple others I can't remember).  If you see asp, exe, vbs files in your upload folders, chances are good that WWF was the vector.  If such files exist outside the upload and especially outside the forum, chances are better that WWF was not the vector and some other site on the same machine was the actual source.
 
 
p.s. I'm not affiliated with Web Wiz Guide in any way. I'm just an average Web Wiz user repaying my debt for the use of their fine forum by trying to help other Web Wiz Guide users.
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.