1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 Index.html security breach

Discussion in 'Troubleshooting and Problems' started by igztryhard, Aug 18, 2014.

  1. igztryhard

    igztryhard Member

    Hey, so recently my forums framepvp.com has been "hacked"/exploited. Someone has been able to change the actual website into what ever the exploiter wants without the help of a person with admin privileges.

    After removing index.html the forums turns back to normal but the person can repeat the same procedure to make it happen again.
    Have I forgot something in the installation? I don't know.
    Please help
     
  2. Liam W

    Liam W Well-Known Member

    Sounds to me like someone accessed your FTP and uploaded a index.html file.

    index.html is looked for before index.php when looking for an index page.

    Liam
     
  3. Brogan

    Brogan XenForo Moderator Staff Member

    Are you on shared hosting?

    Do you have anything else installed other then XenForo; WordPress for example?
     
  4. igztryhard

    igztryhard Member

    Hello, i'm only running a minecraft server on it, and i'm positive no one has access to FTP but me considering I changed the FTP login password today.
    I'm not on shared hosting
     
  5. EQnoble

    EQnoble Well-Known Member

    A quick qoogle search says there was recently an exploit discovered in that game's server software and according to the article people who use it should patch quickly. According to the article the exploit would allow a malicious person to gain any users access to your web server through the exploit in the game server software and therefor could be the way a person gained access to add a file and do whatever they did if that is in fact the case.
     
  6. igztryhard

    igztryhard Member

    Is this a troll?
     
  7. duderuud

    duderuud Active Member

    Why would it be??
     
  8. igztryhard

    igztryhard Member

    Because I find nothing about it and it sounds highly doubtful.
    Back to topic. Could Apache or PHPAdmin not successfully set up be the cause of someone accessing and uploading files to servers webroot?
     
  9. Brogan

    Brogan XenForo Moderator Staff Member

    Ask your host to check the logs to determine who gained access, when and how.
     
  10. EQnoble

    EQnoble Well-Known Member

    It is an offering to you of a place to look for the root of your actual problem.

    You are running a minecraft server and when I saw that I googled 'minecraft server exploit' and found articles posted within the past couple of days.

    So no, and no...I do not support trolling, if you feel that I was trolling there then I will refrain from helping you at all and leave you with a note that you should probably check the site the distributes the software you are running for your game and ask those questions there since it should be obvious that if you are running a game software on your webserver that it could present a vector for attack.

    Good luck.
     

Share This Page