Jump to content

My forum was hacked

Featured Replies

Posted

Hi,

I updated my forum to latest v4.1.12.1 once I've received email notification 2-3 days ago. Yesterday my web hoster informed me that my server contains "finishing" pages. I discovered /login folder in the root with many unknown PHP files. So I deleted it. Then my SMTP server Postfix started to send many spam emails (around 100'000 per day!). And I don't know who sends this spam.

I tried to compare my forum files with new installation files - no lack. I see differences in some folders /datastore, /cache and some others. So I have no idea where is deleterious script.

I always instantly updated Invision forum. All configuration files are protected, I disabled dangerous PHP functions on my VPS. I have renamed /admin folder with password protection.

My VPS uses CentOS.

So I have no idea how to stop it.

PM me if you want me to take a quick look for you.

  • Author

Thanks for your advices.

Archived

This topic is now archived and is closed to further replies.

Recently Browsing 0

  • No registered users viewing this page.