DarkGizmo Posted April 19, 2012 Share Posted April 19, 2012 So on April 13th my forum was hacked and I lost roughly 500 posts in the matter of seconds. We're not sure how the hacker got in whether it was through the server itself (host security breach?) or the IPB. I checked the logs and couldn't find anything in the admin panel which means they probably did it through the database itself. I found a strange file in my site's root so i deleted it and changed all of my passwords and such. I archived off my IPB and thinking quickly, decided my safest bet for security was to keep the IPB archived for read only and to move to a different platform. I know what everyone's probably gonna say "wtf?" but I ended up moving to ZetaBoards and starting over from scratch. There's a few drawbacks to this but there's also a few positives as there is with every forum software I'd imagine. I paid $7.99 for their premium version which gave me a few more features and stuff which is nice and for that price ya can't really go wrong. We've just opened officially to the public again and we're already halfway to 1k. Where i had IP.content before, I now have wordpress with a professional theme suited for my site which only cost me $37. I'm also getting a custom theme made for the new forums which now live at http://forums.revillution.com. So for all that it cost me $75 to get my site back up and running......Not too bad.... On the plus side, it costs $50 for upgrades + support from IPB each year. members seem to be coming back and I know we'll get back to where we were previously, eventually. Quote Link to comment Share on other sites More sharing options...
ChuckTesta Posted April 19, 2012 Share Posted April 19, 2012 Sucks that you were hacked. Good to hear you are back up and running. You never said what the ending reason was for them to hack you. Could it be possible that you installed something by accident? Maybe a hiccup on the server side? Seems odd that posts were removed, and nothing else touched. Usually hackers don't just delete a few posts... Especially as few as 500. If you have multiple admin, I'd restrict their privileges. If money isnt an issue, have a server optimized and setup correctly. Follow the 3-2-1 backup rule, and watch the forum thrive! Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 19, 2012 Author Share Posted April 19, 2012 Sucks that you were hacked. Good to hear you are back up and running. You never said what the ending reason was for them to hack you. Could it be possible that you installed something by accident? Maybe a hiccup on the server side? Seems odd that posts were removed, and nothing else touched. Usually hackers don't just delete a few posts... Especially as few as 500. If you have multiple admin, I'd restrict their privileges. If money isnt an issue, have a server optimized and setup correctly. Follow the 3-2-1 backup rule, and watch the forum thrive! Yeah. I only have 1 other admin now who has full access, 3 others that only have access to their respective modification blocks (that they made) and none of those 3 were on in awhile so I doubt it was them. It seemed like just a random attack to be honest. I'm on Zetaboards now and probably going to stay there since I don't feel like moving everyone back over and whatnot, that'd certainly piss a lot of people off. I did have backups but the thing with my backups was, I have a cronjob run at 1am every morning and the posts were made from 6pm to 9pm that night, and were deleted sometime after 9:30 so a backup wouldn't have saved us either way. Quote Link to comment Share on other sites More sharing options...
ChuckTesta Posted April 19, 2012 Share Posted April 19, 2012 So only posts made those three hours were lost? Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 19, 2012 Author Share Posted April 19, 2012 It would seem that way, yes. Quote Link to comment Share on other sites More sharing options...
ChuckTesta Posted April 19, 2012 Share Posted April 19, 2012 That was def an issue with the server. 500 posts in 3 hrs... Must be nice!!! Anyway, glad to see you've found a new host and are liking them. Quote Link to comment Share on other sites More sharing options...
Administrators Nathan Posted April 19, 2012 Administrators Share Posted April 19, 2012 That sucks, sorry to hear! Yeah I don't see an easy way to delete only the posts in the last three hours via the AdminCP. Possibly they guessed your DB password or was it tough? Who was your host and was it VPS/Dedicated/Shared Hosting account? No backups then? Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 19, 2012 Author Share Posted April 19, 2012 No backups that had those posts, backups would've basically put us in the same situation. It's shared hosting, Hawkhost and I still have them as they are powering my main site still. Either way, Zeta seems to be treating us just fine thus far. I've seen a lot of fantastic themes for them recently by this girl named Sarah who also goes by Kik. She agreed to make me a custom theme for $30 Quote Link to comment Share on other sites More sharing options...
Administrators Nathan Posted April 19, 2012 Administrators Share Posted April 19, 2012 Is Zeta it's own forum software? I would be interested in finding out what ended up happening. Makes me nervous here now... Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 19, 2012 Author Share Posted April 19, 2012 Is Zeta it's own forum software? I would be interested in finding out what ended up happening. Makes me nervous here now... Zeta is a free forum host/provider made by the same people who created InvisionFree many years ago. I'm not quite sure what happened but if it was a security breach with the server wouldn't they have messed with the other sites I had on my account and not just the forum? :\ That's what makes me nervous. Quote Link to comment Share on other sites More sharing options...
Administrators Nathan Posted April 19, 2012 Administrators Share Posted April 19, 2012 Yeah you would think so...but if they could hack IP.Board I would think there would be more hacked forums such as IPB support forums itself. Were you on the most current version? Did you patch a month or two ago when there was that exploit fix on 3.2? Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 19, 2012 Author Share Posted April 19, 2012 Yeah you would think so...but if they could hack IP.Board I would think there would be more hacked forums such as IPB support forums itself. Were you on the most current version? Did you patch a month or two ago when there was that exploit fix on 3.2? I was on 3.2 and yes I patched which is why I was confused as to why or how it happened.... Quote Link to comment Share on other sites More sharing options...
bryce12 Posted April 20, 2012 Share Posted April 20, 2012 Sorry to hear that you had to face such a situation. How is your experience with Zeta so far? Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted April 20, 2012 Author Share Posted April 20, 2012 Sorry to hear that you had to face such a situation. How is your experience with Zeta so far? It's actually not bad. Really don't have anything to complain about with it. :-D Quote Link to comment Share on other sites More sharing options...
Sherlock Posted May 30, 2012 Share Posted May 30, 2012 That sucks mate! Hope your forums get back to there former glory soon. Good luck! Quote Link to comment Share on other sites More sharing options...
tetutato Posted May 30, 2012 Share Posted May 30, 2012 Zetaboards? Are they really that great? I've heard of them like once when people are talking about the best forum software, etc. Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted May 30, 2012 Author Share Posted May 30, 2012 Zetaboards? Are they really that great? I've heard of them like once when people are talking about the best forum software, etc. They are decent if you're looking for a quick and free solution. I moved back to IP.Board since starting this threa dand found out it wasn't necessarily because of a hack. My host did a few migration thingies and caused me to lose some data. I had a messed up DB then so what I did was a clean install of the software and started fresh. So far so good. Quote Link to comment Share on other sites More sharing options...
dexterlablab1 Posted June 6, 2012 Share Posted June 6, 2012 That sucks bad. I know how you feel because I went through something very similar with my site. In fact, my hack incident is what taught me the importance of backing up my site daily. Quote Link to comment Share on other sites More sharing options...
DarkGizmo Posted June 6, 2012 Author Share Posted June 6, 2012 Yeah. I get backups emailed to me daily at 1am now. Quote Link to comment Share on other sites More sharing options...
ridwan sameer Posted June 6, 2012 Share Posted June 6, 2012 I hate to be THAT guy. But is it kinda ironic that your site is down now? But having your site hacked is no reason to blame IPB and switch forums... But then i see it's a DB and hsot issue So are oyu back to IPB now? Quote Link to comment Share on other sites More sharing options...
Marc Posted June 6, 2012 Share Posted June 6, 2012 think if I had started my forum over again twice I would have just called it a day LOL Quote Link to comment Share on other sites More sharing options...
alash Posted July 19, 2014 Share Posted July 19, 2014 It isnt good when you are hacked. Always make sure you have backups and that all software on the server is up to date. Some people don't seem to update their software and is it is suprising how sometimes when people are hacked that it's down to the software. Quote Link to comment Share on other sites More sharing options...
alash Posted July 19, 2014 Share Posted July 19, 2014 And weak passwords ( sometimes ) Quote Link to comment Share on other sites More sharing options...
Soulwatcher Posted July 20, 2014 Share Posted July 20, 2014 It isnt good when you are hacked. Always make sure you have backups and that all software on the server is up to date. Some people don't seem to update their software and is it is suprising how sometimes when people are hacked that it's down to the software. I 100% agree it amazes me how long some people go with out updating their software. There are tons of bots on the internet probing for outdated software and its over once they find your website. And the next day the owner wakes up scratching their head wondering what happened. Greg Quote Link to comment Share on other sites More sharing options...
Bravosi Posted December 12, 2018 Share Posted December 12, 2018 This is terrible, I wonder how it was hacked and by who... For sure, it was the failure of the server. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.