Jump to content

Recommended Posts

  • Solution
Posted

As mentioned above, you would need to create a constants.php file. You would create this in the root of your community installation, and add the following

<?php
define('DISABLE_MFA',TRUE);

Remember to remove this line once you have got in there and reset anything you need

Posted
Just now, Lauren3 said:

Thanks, it dosn't show up but now it returns on login page, with no error message

If the line above has been added, it will not show up on the login page. You would need to check what you have added

Posted
2 minutes ago, Marc Stridgen said:

If the line above has been added, it will not show up on the login page. You would need to check what you have added

?php
define('DISABLE_MFA',TRUE);

Stuck on login page, no error displayed

Posted
2 hours ago, beats23 said:

Just curious. Can you tell how the hackers got access to your website, was it through the ACP or other route?

I don't know exactly, it's been a week that I'va got some hacked files replacing the original ones in the root dir. This night they have been erased. I've got this issue on Wordpress too, but there are some tools that can be run and prevent this to happen again, but unfortunately those tools are not available on IPB

Posted

You really need to contact your hosting company to reenforce your security on the server there, and you should be replacing all passwords that can access your server in any way, such as FTP, MySQL, SSH etc. If its happening on multiple software, it seems the issue is your server rather than software

Posted
5 hours ago, Lauren3 said:

I don't know exactly, it's been a week that I'va got some hacked files replacing the original ones in the root dir. This night they have been erased. I've got this issue on Wordpress too, but there are some tools that can be run and prevent this to happen again, but unfortunately those tools are not available on IPB

Just so you're aware....  those tools don't fix underlying server issues such as weak FTP passwords or poor database configurations, etc.  If you have not done, so, change passwords for EVERYTHING....  FTP, mail, mySQL, any sort of web-management portal, etc.  

Then look at ensuring any software program you use on your site (IPB, Wordpress, or anything else) is updated.  Finally look at using a cloud WAF such as Cloudflare to help improve your overall security posture.  

Posted
On 6/14/2022 at 11:13 AM, Marc Stridgen said:

You really need to contact your hosting company to reenforce your security on the server there, and you should be replacing all passwords that can access your server in any way, such as FTP, MySQL, SSH etc. If its happening on multiple software, it seems the issue is your server rather than software

We just removed Tapatalk App, just in case...

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...