1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 Database Breach

Discussion in 'XenForo Questions and Support' started by Senior Derp, Nov 20, 2015.

  1. Senior Derp

    Senior Derp Member


    I'm just going to dive right into this, earlier this evening we had our password database breached by a few "hackers." They've targeted multiple other websites, and the only major similarity we've had in common is that we seem to be using the same forum software. Now by no means am I trying to blame anything of this on xenForo, as I love their product, I'm just wondering what steps I should take at this point to secure my website. I have no clue how they did it, and I'd love some direction on where I should go from here.

  2. Mouth

    Mouth Well-Known Member

    How did you determine it was breached?
  3. Brogan

    Brogan XenForo Moderator Staff Member

    You need to identify the point of entry.

    Was it due to a compromised account/password?
    Other software on the server?
    Another account on the server (if using shared hosting)?
    An add-on?
    Some other means?

    We're not aware of any exploits in the current version of XF which would allow someone to hack their way in to obtain the DB password.

Share This Page