1
lapsa2000
XOOPSdemos close your site !
  • 2009/1/5 17:35

  • lapsa2000

  • Quite a regular

  • Posts: 247

  • Since: 2006/10/27


XOOPSdemos close your site, after being hacked, we have decided to close it, unfortunately we can not determine which was the weak point of the site, perhaps because older modules, or to download the modules on the same server.

We thank infinitely help and support trabis

Thanks and greetings to all!

XOOPSdemos (edit by moderator: link removed!)
Persevera...y seguiras
Perseverando !!!

2
Runeher
Re: XOOPSdemos close your site !
  • 2009/1/5 18:07

  • Runeher

  • Module Developer

  • Posts: 825

  • Since: 2008/1/24


The site have a virus too now... so better not enter!!

3
anderssk
Re: XOOPSdemos close your site !
  • 2009/1/5 18:09

  • anderssk

  • Quite a regular

  • Posts: 335

  • Since: 2006/3/21


Please remove the link!!
Do not enter the site, without any anti virus-product installed!!!

4
pacho
Re: XOOPSdemos close your site !
  • 2009/1/5 19:13

  • pacho

  • Quite a regular

  • Posts: 235

  • Since: 2005/6/7 2


I am really sad about this lapsa2000, it was one of my favorite site.
Is there any way to fix this? I hope you can switch on again!

5
Runeher
Re: XOOPSdemos close your site !
  • 2009/1/5 19:18

  • Runeher

  • Module Developer

  • Posts: 825

  • Since: 2008/1/24


I agree... very sad... we need more of these sites! Hopefully you will figure out the security hole and tell us...

6
anderssk
Re: XOOPSdemos close your site !
  • 2009/1/5 21:12

  • anderssk

  • Quite a regular

  • Posts: 335

  • Since: 2006/3/21


I thing most XOOPSers cry, when a XOOPSsite is hacked.
What was Your protector flags? All green?
What does the protectorlog says?

7
Mamba
Re: XOOPSdemos close your site !
  • 2009/1/5 23:41

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


I'm also very sad about it. Some people just have too much free time on their hands
Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

8
hackbrill
Re: XOOPSdemos close your site !

Perhaps you could require all users to register first and grant privileges accordingly. It is just a shame to lose such a valuable resource. Just my opinion :)

9
alphamonk
Re: XOOPSdemos close your site !
  • 2009/1/6 17:26

  • alphamonk

  • Just popping in

  • Posts: 10

  • Since: 2008/9/23


I realize no one knows how the site was attacked, but I do have a question along the lines of security to ask.

Their are some software sites that suggest changing the name of the admin directory to the name of your choosing for security purposes. Is changing the name of the admin directory advisable with Xoops? Is this a change that can be made in the config files alone or does one have to get into the nuts and bolts of the software to make this change happen? Is adding .httpaccess to this newly renamed admin directory a good idea?

10
anderssk
Re: XOOPSdemos close your site !
  • 2009/1/6 18:05

  • anderssk

  • Quite a regular

  • Posts: 335

  • Since: 2006/3/21


Hi' Alphamonk

Welcome to XOOPS

The renaming of admin directory's/useraccount's is normal in some software environment's.
But in XOOPS there are no directory named admin.
In every directory there is a index.html file with the following content
script>history.go(-1);script>

If someone try to access the directory's in the browser, they will be sent back.
That is really not necessary in a linux/unix environment, because You can protect the directory's other ways. In Microsoft ISS I think it's necessary.

I ask about the green flags in protector and the protector log.
The protector is the must have module for XOOPS. It's like the firewall/antivirus on You own PC

I have written this guide
about security in XOOPS - maybe it can help?
Otherwise create a new tread with Your questions.


Login

Who's Online

420 user(s) are online (290 user(s) are browsing Support Forums)


Members: 0


Guests: 420


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits