I was hacked again. Now I can't login into the database as the hacker must have changed the passwords. I tried to upload the access database but it's either a newer version than mine access 2000, or something has happened to it so that i can't open it. I had put up a mirrored version of the site while I figured out some database issues on the forum that was originally hacked. Meaning I had a forum on the clients server. IT was hacked, so I pointed it the href to a dulpicate forum on my own site, but didn't worry about the read write permissions as I couldn't imagine it was going to get hacked while I was working on the other one, then that was hacked. http://www.louisekennedydesign.com/forum/default.asp - http://www.louisekennedydesign.com/forum/default.asp

On the original forum, I went in and tried to rename the database, and put it in a private folder, but I can't open the forum now.

very frustrated

You really must place the database outside of your web site, otherwise you are leaving your database wide open to any hacker.

The documentation with the forum gives a step by step guide on how to do this.

Your only option is to find someone who has access and can change the password for you.

Another option is to upgrade to version 7, the migration tool will reset the username and password back to the default username and password, you will also have the added protection of having your passwords 160bit one way encrypted, but you should still place the database outside of your web site away from the prying eyes of a hacker.

thanks Borg, which version of  7? I pulled the forum down.

Is this hacker a person who targets webwiz a lot?

All version 7's have the passwords encrypted, to be hacked you probally have a version 6.x of the forums.

Just download the latest version from the forum download page and the data migration tool and follow the instructions.

There are many lame hackers out there targetting inscurely setup free web applications (just have a look at a few hacking sites to see this), as it is very simple to download a free application and see what the default name and location of the database would be. From there it doesn't take anyone above 6 years old with a computer to simply find a site running the software where the person has left there database unsecured. This is why there is a step by step guide on setting up the forum with the database renamed and placed in a secure location on the web server.

Even encrypted passwords could still be hacked eventually so a simple rule is never leave a database where it is open to hackers.

got it, thank you. I'll download version 7. The question was which version of 7, as it looks like you've got a couple going.

the question of course is why would anyone spend time hacking a forum. but that will remain unanswered

Download which ever version you need, if you have access 2000, download that version, if your web hosts gives you an SQL server database then download that version (SQL server is much more faster and more secure than access, but you only get an SQL server database with more expensive hosting accounts).

Why would anyone want to hack a forum, usually it's done by young school kids who think it's cool to deface a web site.