• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 233
  • Last Modified:

My forum has been hacked!!!!!!!!!!!!

Dear experts,
I've a Vbulletin forum version 3.0.7
This forum has been hacked by somone!!!!!!
I know many Vbulletin holes and I closed it like securing Admin Panel and Mod Panel etc but the guy has hacked the site. anyone please can help to protect the vbulletin forum from hacking again.
By the way the hacket can't login to administration because I protected by .htaccess but he logged to the MySQL and deleted the admin account, because of that I couldn't make anything!
My questions are:
1- The best ways to protect the vbulletin 3.0.7 forum
2- How can I extract the data from the hacked database, it still has the data and its on my hard now?
Note that I've browsing the Forum offical website www.vbulletin.org and DOtCOM
thanks in advance
0
elguindy
Asked:
elguindy
  • 4
  • 2
1 Solution
 
kevinf40Commented:
Hi elguindy

In answer to number 1 - there are some useful docs on the vbulletin site - http://www.vbulletin.com/docs/html/
select "Appendix 3: Technical Documents"
Then the "Securing Your vBulletin Installation" section.  This covers various settings for your O/S, webserver and file access.

In answer to number 2 - Are there any other MySQL users configured unless the admin account was the only one you should be able to use another account to select the data and then import it into a new database. There may be a more elegant solution that I am not yet aware of, but this may well do the trick for you.

cheers

K
0
 
elguindyAuthor Commented:
Thanks alot, yes I've other user account that I can use to login but how can I login?
0
 
kevinf40Commented:
You should be able to connect to the MySQL database directly either from the command line or by using one of the available GUI front ends.

from the command line you'll need to do something like where username is the account you wish to use -

mysql -u username -p

enter the password when prompted.

then change to the database you are interested in:

use database01

then slect from the relevant table

select * from table33;

A GUI such as MySQLfront can be trialled free of charge for 30 days which should serve your purpose:

http://www.mysqlfront.de/download.html

I think there are numerous free front ends as well.

hope this helps

cheers

K
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
elguindyAuthor Commented:
thanks you very much for this advice, one last thing please to accept the answer

HOW CAN I REMOVE THE WORD "Vbulletin 3.0.7" FROM MY FORUM HOME PAGE?????
This will make it hard also for the attacher to knwo the version of my Forum

Waiting for you
0
 
kevinf40Commented:
Hi

looks like this may be a licensing issue, as they sell a brand free license.

example thread discussing this:
http://www.vbulletin.com/forum/showthread.php?t=85324

sorry couldn't offer a better solution!

cheers

K
0
 
kevinf40Commented:
Additional - it looks like it is just a matter of edditing the php page to remove the Vbulletin stuff once the license has been purchased.

cheers

K
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now