UPDATE: Please note that I was mistaken in my original post: I was not hacked after all. I thought that because the spam cleaning links were gone, that someone altered my site before hitting me. I now know better. (Thanks again, Peter). I am a new xenforo owner (forums.basketballogy.com). Tonight is a NIGHTMARE and I need to know what happened, how to fix it, and how to prevent it from happening again. In a span of just a few minutes we got hit by hundreds of spam messages in what looks to be a coordinated attack of several users or a bot logged in as several users. More troubling though, is they must have hacked my site first because all tools to stop spam have been removed. We (my moderators and I) cannot ban them or remove the spam. All I could think of to do was quickly log in to the admin panel and mark all the categories as private, so now they should not appear to the spammers for them to hit. Next I went through the users currently logged in and manually typed the user names of spammers logged in into the admin panel and banned them that way. But even though they are banned, they are still logged in. Now I don't know what to do. They have effectively closed down my site.