XF 1.1 Forum Hacked By Turk Grup

Sort by date Sort by votes
0ptima said:
How much do they want to charge for this? All you need to do is restore a backup of your files and database.
Click to expand...
I didn't ask ....

I'm on with getting it restored :)


It seems this group target USA hosts .... my bigger issue is how they got in to the forum to replace the index file
 
Upvote 0 Downvote
The file change indicates that the server has been compromised, not XenForo. As Matt said, it is possible that another account on the same server was compromised. On shared servers the entire server can become compromised when one site on that server is compromised. This happened to me once.

Ideally your host should take care of everything. They need to take measures to identify the point of entry and close it, then restore backups as necessary.
 
Upvote 0 Downvote
Simon R said:
Hostgator
Click to expand...
It's the host.

They still have php 5.2 installed (as an options) which is over 4 years old.

On someone else's site I was helping, I even found 5.1 still installed as an option (7 years old).

There is also a security flaw, that if you you Google.... You should find easily.


I wouldn't suggest Hostgator until they finally update some of their core software. While php 5.3 is their default, they still have that older stuff there & it makes for one easy target
 
Upvote 0 Downvote
Adam Howard said:
It's the host.

They still have php 5.2 installed (as an options) which is over 4 years old.

On someone else's site I was helping, I even found 5.1 still installed as an option (7 years old).

There is also a security flaw, that if you you Google.... You should find easily.


I wouldn't suggest Hostgator until they finally update some of their core software. While php 5.3 is their default, they still have that older stuff there & it makes for one easy target
Click to expand...
Is there a way I can get round this ?
 
Upvote 0 Downvote
Simon, Hostgater will probably have to tell you what the exploit vector was, and how/if it was patched, whether it was PHP or something else, such as an older version of a software package on one of your neighbor's sites. That is usually the culprit, and the easiest to find and exploit.
 
Upvote 0 Downvote
Simon R said:
Can I just not ask that they put 5.3 on ? or is the problem that others on the shared server could be on 5.2 ?
Click to expand...
Most shared host that I come over no longer use php 5.2

The average seems to be on php 5.3 or moving toward 5.4, as 5.5 is already at the RC (Release Candidate) stage ... ie ... It's due to come out soon.

So 5.2 is 3 versions behind (technically).

I would inquire with whatever provider you look into, that you ask if they offer 5.2 If the answer is yes, you should probably look else where.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Ladegro
  • Question Question
XF 2.1 Forum hacked?
Replies
7
Views
2K
Ladegro
Ladegro
J
  • Question Question
XF 1.5 Forum Hacked
Replies
5
Views
1K
Digital Doctor
Digital Doctor
austinv900
  • Question Question
Hacked by XenoSquad
Replies
2
Views
666
austinv900
austinv900
J
  • Question Question
MG 1.1 Forum hacked - need to import Media Gallery
Replies
1
Views
2K
Chris D
Chris D
buonchit
  • Question Question
It seems my forum has been hacked - bug report
Replies
4
Views
1K
Mike
Mike
Top Bottom