1
eejut
my site got hacked
  • 2006/7/29 16:04

  • eejut

  • Just popping in

  • Posts: 86

  • Since: 2005/5/16


my site got hacked ,and now i really need to update the security of it
iam running an older version of XOOPS XOOPS 2.0.9.2
i kinda got left behind during the updates and now iam afraid to update so many times incase i break something
the bas...erm people who hacked it got thru with using a nphp backdoor script as far as i know ,
and i guess can pretty much do it again untill i get it fixed
can anyone please give me any info on updating the security of the site up to the present level ?
i really would appreciate it
also, i have lots of older modules chucgging along in my xoops, if i do update the the latest version woudl that screw the modules up?

i hope somebody can help me with the questions i asked
many thanks
eejut

2
Chris03
Re: my site got hacked
  • 2006/7/29 16:08

  • Chris03

  • Quite a regular

  • Posts: 372

  • Since: 2004/2/22


Welp my theory is if you dont pay attention to security updates \ news then you deserve to get hacked...

Backup your site, the files and the SQL database, then attempt the update.
KickassAMD

3
ghettonet
Re: my site got hacked
  • 2006/7/29 17:25

  • ghettonet

  • Not too shy to talk

  • Posts: 176

  • Since: 2005/12/4


Security is a never-ending dance, and it's not a lot of fun is it? As I mentioned in another thread (here: https://xoops.org/modules/newbb/viewtopic.php?topic_id=51859&forum=20&post_id=228809#forumpost228809)
Xoops security is dependant upon more that just Xoops. Are you using the XOOPS protector module? That will help you a lot. As for the modules, updating shouldn't screw them up at all - but I know what you mean, XOOPS can seem really fragile, and you don't want to update some of them because you'll break it. You just have to back it all up (files and sql tables) and do it. You'll be fine.


** how did they get in? It would be cool of you to pass that on - it could be something that could be exploited even now.

4
eejut
Re: my site got hacked
  • 2006/7/29 19:59

  • eejut

  • Just popping in

  • Posts: 86

  • Since: 2005/5/16


thanks for the reply ghettonet

one question is the mainfile.php supposed to have your msql data base name /username and password in it?

5
jensclas
Re: my site got hacked

I am not sure I can answer the last question - but as far as upgrading goes the new xoops2.0.14 will let you jump from 2.0.10 - so you only need to upgrade your 2.0.9 to 2.0.10 then go for 2.0.14 - but please read the installation instructions carefully. 2.0.14 doesn't work exactly like our other upgrade packages have done. Of course you should do your backup- first just in case.

WRT mainfile.php question - have you tried a search???

6
ghettonet
Re: my site got hacked
  • 2006/7/29 22:22

  • ghettonet

  • Not too shy to talk

  • Posts: 176

  • Since: 2005/12/4


yeah, mainfile.php does need your database username/password. This isn't as big of a security risk as it would seem (especially if it's chmodded to 444). I always have the database user for a site seperate from all the others, with permissions ONLY for that sites tables. That minimizes the damage should something happen. There is a way too, although I do have to confess that I'm too lazy to do it, to move the database user/pass outside of the mainfile, which could help you rest easier. Better yet, there is also a way to have php encrypt your mainfile so that it's only readable by php (and would look like a bunch of garbage in a text editor, so you just save a copy locally for your own editing, then re-encrypt it when your done). Try searching for those if you are paranoid - or if you have important data to protect.

7
Swain
Re: my site got hacked
  • 2006/7/29 23:18

  • Swain

  • Not too shy to talk

  • Posts: 198

  • Since: 2006/6/27


In addition to making sure XOOPS is up to date (and installing Gi Joe's "Protector" in the module repository), make sure your server is too. Apache if not up to date can present some big security holes, so it does not matter what you do with Xoops. A good htaccess can also provide a good degree of security by blocking ips of known spammers and hacks as well as suspicious user agents. My site was hacked two years ago, and I made it my business to learn all I could about security, now it is rare I even see spam.

8
ghettonet
Re: my site got hacked
  • 2006/7/30 0:20

  • ghettonet

  • Not too shy to talk

  • Posts: 176

  • Since: 2005/12/4


Good point - and .htaccess are useful (if allowed on your server): here's a neat little guide - http://www.javascriptkit.com/howto/htaccess.shtml

9
Swain
Re: my site got hacked
  • 2006/7/30 1:21

  • Swain

  • Not too shy to talk

  • Posts: 198

  • Since: 2006/6/27


I love .htaccess myself, and it was worthwile learning what to do as I was deleting 100+ spam posts a day. I have not had one now in gods knows when.

10
zeroram
Re: my site got hacked
  • 2006/7/30 1:59

  • zeroram

  • Friend of XOOPS

  • Posts: 326

  • Since: 2004/6/30


can you post a sample htaccess for not allowing spam on your posts??

or better.. a sample of htaccess for securing mainfile.php

( just want to compare if am missing something :)

Login

Who's Online

311 user(s) are online (244 user(s) are browsing Support Forums)


Members: 0


Guests: 311


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits