Jump to content

Turn off 2FA


Lauren3
Go to solution Solved by Marc,

Recommended Posts

  • Solution

As mentioned above, you would need to create a constants.php file. You would create this in the root of your community installation, and add the following

<?php
define('DISABLE_MFA',TRUE);

Remember to remove this line once you have got in there and reset anything you need

Link to comment
Share on other sites

Just now, Lauren3 said:

Thanks, it dosn't show up but now it returns on login page, with no error message

If the line above has been added, it will not show up on the login page. You would need to check what you have added

Link to comment
Share on other sites

2 hours ago, beats23 said:

Just curious. Can you tell how the hackers got access to your website, was it through the ACP or other route?

I don't know exactly, it's been a week that I'va got some hacked files replacing the original ones in the root dir. This night they have been erased. I've got this issue on Wordpress too, but there are some tools that can be run and prevent this to happen again, but unfortunately those tools are not available on IPB

Link to comment
Share on other sites

You really need to contact your hosting company to reenforce your security on the server there, and you should be replacing all passwords that can access your server in any way, such as FTP, MySQL, SSH etc. If its happening on multiple software, it seems the issue is your server rather than software

Link to comment
Share on other sites

5 hours ago, Lauren3 said:

I don't know exactly, it's been a week that I'va got some hacked files replacing the original ones in the root dir. This night they have been erased. I've got this issue on Wordpress too, but there are some tools that can be run and prevent this to happen again, but unfortunately those tools are not available on IPB

Just so you're aware....  those tools don't fix underlying server issues such as weak FTP passwords or poor database configurations, etc.  If you have not done, so, change passwords for EVERYTHING....  FTP, mail, mySQL, any sort of web-management portal, etc.  

Then look at ensuring any software program you use on your site (IPB, Wordpress, or anything else) is updated.  Finally look at using a cloud WAF such as Cloudflare to help improve your overall security posture.  

Link to comment
Share on other sites

On 6/14/2022 at 11:13 AM, Marc Stridgen said:

You really need to contact your hosting company to reenforce your security on the server there, and you should be replacing all passwords that can access your server in any way, such as FTP, MySQL, SSH etc. If its happening on multiple software, it seems the issue is your server rather than software

We just removed Tapatalk App, just in case...

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...