Posts edited by a user.

Jaayden

New member
Hi,

Today around 8am gmt+8 our forum was hacked by a user who was never staff.

The user managed to edit all our admin posts.

We have checked the logs and we can't seem to find out how the user who wasn't even staff managed to do this?

We did revert the posts back to the original post and it clearly states who the user was that edited it.

This is a huge security flaw and I don't think we can continue using XenForo after this as it will just happen again.
 
May not necessarily be a XenForo bug.

Could be something to do with your host, it could be that your passwords weren't strong enough.

You should get your host to provide you with full server logs so you can try and determine what and how the site was hacked.
 
We have checked the logs and we can't seem to find out how the user who wasn't even staff managed to do this?

We did revert the posts back to the original post and it clearly states who the user was that edited it.

This is a huge security flaw and I don't think we can continue using XenForo after this as it will just happen again.

Check the permissions this user has.
 
Like I said, a forum user edited other users' forum posts? How does a forum user with no permissions edit other users' posts on the forum?

My host is fine.

How do you know that your host is fine if you haven't checked any logs?

A registered user can't edit any posts unless a permission is set to do so. The permission can be granted through something on the server (hosting related) or through a security flaw in one of your add-ons. You can't blame XenForo for this since you have no lead on the problem except that one of your users edited all your admins' posts.

This could happen by many means, and since it hasn't happened with any big XF boards here (that are more popular for hacking attempts than your board), then I assume it's not a problem in XF but rather something that is specific to your installation.
 
Like I said, a forum user edited other users' forum posts? How does a forum user with no permissions edit other users' posts on the forum?

My host is fine.

How do you know that your host is fine if you haven't checked any logs?

A registered user can't edit any posts unless a permission is set to do so. The permission can be granted through something on the server (hosting related) or through a security flaw in one of your add-ons. You can't blame XenForo for this since you have no lead on the problem except that one of your users edited all your admins' posts.

This could happen by many means, and since it hasn't happened with any big XF boards here (that are more popular for hacking attempts than your board), then I assume it's not a problem in XF but rather something that is specific to your installation.


This ^^
 
How do you know that your host is fine if you haven't checked any logs?

A registered user can't edit any posts unless a permission is set to do so. The permission can be granted through something on the server (hosting related) or through a security flaw in one of your add-ons. You can't blame XenForo for this since you have no lead on the problem except that one of your users edited all your admins' posts.

This could happen by many means, and since it hasn't happened with any big XF boards here (that are more popular for hacking attempts than your board), then I assume it's not a problem in XF but rather something that is specific to your installation.

Sorry I thought permissions were granted on the admin panel which isn't related to the server. I must be retarded hey.

It was probably a plugin, however, I am moving on from xenForo regardless.

Thanks for the outstanding support.
 
So, you have no evidence as to what caused the hack. You initially blame Xenforo with no evidence, then you say it's 'probably a plugin' but again give no evidence that even this is the case or which plugin you're blaming. So now you're saying you're going to move on from Xenforo anyway?! This sounds like you're looking for any excuse to move on to other forum software, heck knows why.

It would be extremely foolish for you to do anything until you've identified the exact cause of the breach (software, plugin, poor permissions set-up, weak moderator/administration passwords, disgruntled moderator who deliberately gave the user these editing rights temporarily, hosting issues or other possibilities). If you don't identify the issue first then you could simply be taking the problem with you to other software.
 
Sorry I thought permissions were granted on the admin panel which isn't related to the server. I must be retarded hey.

It was probably a plugin, however, I am moving on from xenForo regardless.

Thanks for the outstanding support.

I don't think that there is any need for sarcasm. We are all trying to help you out.

Regarding the issue at hand, there is no known security issue with xenforo as of this version. Matter of fact there has never been a single security with xenforo at all. Like mentioned above, you come here and make these claims of how xenforo is at fault but yet you have no solid proof to back them up. I would advise you the same like the other users above did, ask your host to check their logs around the time of the hack and see what went down. Otherwise no matter what software you will move to, it is likely to happen again.
 
If you can provide things like raw web server access logs and some of the logging tables in XenForo, I can attempt to look into this. If you are able to provide those (or access to get them), please submit a ticket from your customer area and we'll look into it from there.
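
Several replies above ask for the raw web server access logs from around the time of the edits. As an added example (not part of any post in this thread and not XenForo code), this is one way to triage such a log: list the client IPs that successfully submitted edits to several distinct posts inside the incident window. The edit URL pattern, the date and the log lines are constructed assumptions; adjust them to the board's real URL scheme and logs.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Combined Log Format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')
# ASSUMPTION: post edits are submitted to posts/<id>/save or
# posts/<id>/save-inline; change this to match the board's URL scheme.
EDIT_RE = re.compile(r'posts/(?P<post_id>\d+)/save(?:-inline)?(?=$|[/?&])')

TZ = timezone(timedelta(hours=8))  # the report gives the time as GMT+8
# Constructed date: the thread only says "around 8am", so search 07:30-08:30.
WINDOW_START = datetime(2024, 1, 1, 7, 30, tzinfo=TZ)
WINDOW_END = datetime(2024, 1, 1, 8, 30, tzinfo=TZ)

# Constructed sample lines (documentation-range IPs), not real log data.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:07:58:11 +0800] "POST /posts/101/save-inline HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:07:58:15 +0800] "POST /posts/102/save-inline HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:07:58:19 +0800] "POST /index.php?posts/103/save HTTP/1.1" 303 0 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:08:01:02 +0800] "POST /posts/250/save-inline HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2024:08:01:30 +0800] "GET /posts/251/edit HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [01/Jan/2024:08:02:00 +0800] "POST /posts/101/save-inline HTTP/1.1" 403 120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:12:00:00 +0800] "POST /posts/900/save HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

def find_edit_bursts(lines, start, end, min_posts=3):
    """Return {ip: sorted post ids} for clients whose edit submissions were
    accepted for at least `min_posts` distinct posts inside [start, end]."""
    edits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparseable line, or a read-only request
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if not (start <= ts <= end):
            continue
        e = EDIT_RE.search(m["path"])
        # 2xx/3xx: the server accepted the edit; 403: the permission check held
        if e and m["status"][0] in "23":
            edits[m["ip"]].add(int(e["post_id"]))
    return {ip: sorted(ids) for ip, ids in edits.items() if len(ids) >= min_posts}

if __name__ == "__main__":
    for ip, ids in find_edit_bursts(SAMPLE_LOG, WINDOW_START, WINDOW_END).items():
        print(ip, "edited posts", ids)
```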
 