1
finalfiler
Xoops Security
  • 2004/2/22 9:39

  • finalfiler

  • Documentation Writer

  • Posts: 111

  • Since: 2002/1/19


A little while ago I reported to this group what seemed like some sort of attack on sites I run using XOOPS - essentially there was a spate of many, many registrations that did not make sense. Canvassing users known to me suggests they have had a dramatic increase in SPAM since the 'attack', but it's difficult to be certain about a correlation between these events.

Anyway, I am currently trying to sift thru these and find if I try to delete them via XOOPS admin I get:

"Admin user cannot be deleted. (User: )"

Looking thru the user database table I see that the suspicious registration all have admin rights.

Now, there is no way known that the users were given admin rights by me, the only legitimate administrator for these sites.

I'm worried.

The sites are generally updated with the latest XOOPS on release.




2
Jan304
Re: Xoops Security
  • 2004/2/22 12:29

  • Jan304

  • Official Support Member

  • Posts: 520

  • Since: 2002/3/31


Well, don't panic is the first thing I say. Those users are not in the admin group, just a mistake in the core files. The fix is listed here:
https://xoops.org/modules/newbb/viewtopic.php?topic_id=16466&forum=21&start=15

Hope this helps.

Login

Who's Online

469 user(s) are online (342 user(s) are browsing Support Forums)


Members: 0


Guests: 469


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits