Lauren3 Posted June 14, 2022 Share Posted June 14, 2022 (edited) Our board has been repeatedly hacked, the php files into the root dir has been modified or erased. Content in any dir, included "uploads" has been totally destroyed. Any ideas? Edited June 14, 2022 by Lauren3 Link to comment Share on other sites More sharing options...
Marc Posted June 14, 2022 Share Posted June 14, 2022 Sorry, Im a little confused as to the relevance of the screenshot there. Nothing on there indicated any changes to PHP files. If files are being changed however, you would need to contact your hosting company on this to see how this has happened. Users cannot directly change any PHP files within the software itself. Link to comment Share on other sites More sharing options...
Lauren3 Posted June 14, 2022 Author Share Posted June 14, 2022 Just now, Marc Stridgen said: Sorry, Im a little confused as to the relevance of the screenshot there. Nothing on there indicated any changes to PHP files. If files are being changed however, you would need to contact your hosting company on this to see how this has happened. Users cannot directly change any PHP files within the software itself. I posted this screenshot to get the configuration. Actually it's been fully restored. 5 minutes ago, Marc Stridgen said: Sorry, Im a little confused as to the relevance of the screenshot there. Nothing on there indicated any changes to PHP files. If files are being changed however, you would need to contact your hosting company on this to see how this has happened. Users cannot directly change any PHP files within the software itself. We are running IPB since 2003, and it's the first time we are experiencing that issue. It's a dedicated server running 4 websites, 3 Wordpress and 1 IPB. The Wordpress sites has been compromised too, but security tools are doing great. Is there any tools we can run to secure IPB? Link to comment Share on other sites More sharing options...
Marc Posted June 14, 2022 Share Posted June 14, 2022 You would not be securing the software, its your server you would be securing. As mentioned in your othe rpost, you really need to contact your hosting company if this is happening. People will not be accessing and changing files through the software Link to comment Share on other sites More sharing options...
Recommended Posts