• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 IMMDEIATE HELP!

#1
Someone was able to get into the admin panel of my forums and now is deleting everything.

Is there a way to protect this from happening andy I've also backed up everything on a hardirve? Please help.

Thank you,
Oren Segal
 
#4
Okay, somehow some of the accounts and the whole node tree was deleted.

Also, user groups were deleted. I've backed up everything lately, so is there a way to regain all of that information back regarding the CP user groups, node tree etc.?
 

Brogan

XenForo moderator
Staff member
#10
It will restore the forum to the same state it was at when the backup was taken.

Any threads, posts or other content made since then will be lost.
 
#12
One of my administrator's accounts got 'hacked' and so that person immediately had access to the panel. He deleted the complete node tree, a few members, user groups and the moderators. I could clearly see that the person that to into the account didn't know how to use the admin panel, but I found out via the admin logs.
 

Martok

Well-known member
#15
One of my administrator's accounts got 'hacked' and so that person immediately had access to the panel.
How exactly was it 'hacked'? Are they using a password that is easily guessed? Are they using the same password as they use on other websites?

It's important that you determine exactly how this happened, or it could happen again. If that answer is Yes to either of the two questions above then you need to have serious words with all of your admins about security.
 
#16
How exactly was it 'hacked'? Are they using a password that is easily guessed? Are they using the same password as they use on other websites?

It's important that you determine exactly how this happened, or it could happen again. If that answer is Yes to either of the two questions above then you need to have serious words with all of your admins about security.
I'm not 100% sure on how that happened, but he managed to get into an account that had access to the panel, with a very little range of permissions so I'm thankful that no other 'damage' has been done besides what actually happened.

And yes, I agree. I shouldn't have left that account as an administrator because it was unnecessary and was barely being used.
 
#19
I would suggest you not give public accounts admin access if you can't count on them using security best practices like not reusing passwords or choosing good ones.

Another thing you might want to do is deny access to admin.php to all but localhost/127.0.0.1 (in apache/.htaccess config) and then use an ssh tunnel to access the admin.php page from the server via the tunnel. That will allow you to restrict access to only those with ssh access. Accessing admin.php from the Internet should result in a 403 Forbidden response. You can find specific instructions with google.