Same thing happened with me. Actually what they do is they make a forum and put the redirect code there. Once you openn the forum it opens a little and when it have to load the forum the hacker makes you get redirected.. I wasn't able to solve it using ACP also Finally restored 1 day old backup and secured everything using my own code..
Will you guys please share your tips to make a phpbb forum more secure? Me too running a phpbb forum so it will help me very much. Should we keep changing our cPanel & ACP password in every few days to avoid the risk of being hacked?
I just went t0 http://indiaforums.info/index.php and it opened fine (Luckily he restored it fast) Stupid hackers!
I guess since it open source easy to hack. Same as wordpress i have no closed all my open holes and have "eofuef8we90f8w09efiweoifjwe0fwe[ jfiowefjwefuwefwe fwejfweofwefewf-wefwe" as a password
it's more PHPBB than Cpanel though protect your Cpanel as best you can. use the password protect directories feature in CP to password protect the admin folder of PHPBB. i think PHPBB is easy to hack because the hacker can browse the member list and find out who the admins are thus having one piece of the puzzle which is the username. all they have to do is run a brute force attack to get the password. if it's a long complex password then it'll be hard to break. mine was only 8 characters with only numbers and letters when mine got hacked so i increased the complexity. other forums like VBulletin and Invision Power have lock out features after invalid attempts which help keep out the hackers. Plus within Invision your login ID can be different from your display handle.
Right the admin or the mods have to have more complex passwords then the normal users i never thought about that actully but thats right.
1st : Check your files. 2nd: Use meta kernel htt trace. (Will show you what changes have been made) 3rd : Upgrade your forum. 4rth : Use Sentinel Hacker protection to protect from further hackings to your forum. Any more help , just drop a pm.
man that must suck I hope to got this dose not happen to me I'm using phpbb 3.0.1 at the moment I have not upgraded becuse one of my mods is not compatible at the moment!
I wont recommend Phpbb , it has so many security loop holes, and can be easly hacked through XSS vulnerability. USE SMF or go for VB
APACHE MODSECURITY FTW!!! using that module with some custom rulesets for apache is the best way IMO....
The same hacker was hacked my forum which was PHPBB. There is major security issue in phpbb and this is the reason you will find all popular forums running on IPB and VB
really? So you think after that many updates they still have a problem? Tells us how your forum was hacked
Sorry for digging an old thread. I migrated my PHPBB forum to MyBB, now even there is no single spam registration which used to happen in PHPBB. I migrated all my forums to MyBB and they are running fine. Its time to say bye bye to PHPBB, will not rethink on my decision untill guys at PHPBB take it bit more seriously.
@seolion did you transfer all your phpBB database over to MyBB or did you have to start again as you have mentioned spam on a phpBB Forum can be a nightmare ??? Thanks
I used a converter to transfer users and threads from phpbb tables to mybb tables. As far as the forum is concerned, it is just a software change, rest are all retained.
If you are using any template then restore that template to the default one. Your template might have been hacked and hacker may have injected some redirection rule. Also check the .htaccess file if there is any suspicious redirect rules setup.
As the VB forum platform seems to be the most secure against attacks is it possible to transfer all the data from phpBB to a new VB forum and if this is possible how is it done please ???? Thanks