Posts edited by a user.

Discussion in 'Troubleshooting and Problems' started by Jaayden, Mar 30, 2014.

  1. Jaayden

    Jaayden New Member


    Today around 8am GMT+8 our forum was hacked by a user who was never staff.

    The user managed to edit all our admin posts.

    We have checked the logs and we can't seem to find out how the user who wasn't even staff managed to do this?

    We did revert the posts back to the original post and it clearly states who the user was that edited it.

    This is a huge security flaw and I don't think we can continue using XenForo after this as it will just happen again.
  2. oman

    oman Well-Known Member

    May not necessarily be a XenForo bug.

    Could be something to do with your host, it could be that your passwords weren't strong enough.

    You should get your host to provide you with full server logs so you can try and determine what and how the site was hacked.
  3. Jaayden

    Jaayden New Member

    Like I said, a forum user edited other users' forum posts? How does a forum user with no permissions edit other users' posts on the forum?

    My host is fine.
  4. whynot

    whynot Well-Known Member

    Check the permissions this user has.
  5. Jaayden

    Jaayden New Member

    The member was a user, recently registered & was never staff on the website. Default user permissions.
  6. Moshe1010

    Moshe1010 Well-Known Member

    How do you know that your host is fine if you haven't checked any logs?

    A registered user can't edit any posts unless a permission is set to do so. The permission can be granted through something on the server (hosting related) or through a security flaw in one of your add-ons. You can't blame XenForo for this since you have no lead on the problem except that one of your users edited all your admins' posts.

    This could happen by many means, and since it hasn't happened with any big XF boards here (that are more popular for hacking attempts than your board), then I assume it's not a problem in XF but rather something that is specific to your installation.
  7. oman

    oman Well-Known Member

    This ^^
  8. Jaayden

    Jaayden New Member

    Sorry I thought permissions were granted on the admin panel which isn't related to the server. I must be retarded hey.

    It was probably a plugin, however, I am moving on from XenForo regardless.

    Thanks for the outstanding support.
  9. Martok

    Martok Well-Known Member

    So, you have no evidence as to what caused the hack. You initially blame XenForo with no evidence, then you say it's 'probably a plugin' but again give no evidence that even this is the case or which plugin you're blaming. So now you're saying you're going to move on from XenForo anyway?! This sounds like you're looking for any excuse to move on to other forum software, heck knows why.

    It would be extremely foolish for you to do anything until you've identified the exact cause of the breach (software, plugin, poor permissions set-up, weak moderator/administration passwords, disgruntled moderator who deliberately gave the user these editing rights temporarily, hosting issues or other possibilities). If you don't identify the issue first then you could simply be taking the problem with you to other software.
  10. borbole

    borbole Well-Known Member

    I don't think that there is any need for sarcasm. We are all trying to help you out.

    Regarding the issue at hand, there is no known security issue with XenForo as of this version. As a matter of fact, there has never been a single security issue with XenForo at all. As mentioned above, you come here and make these claims of how XenForo is at fault, yet you have no solid proof to back them up. I would advise you the same as the other users above did: ask your host to check their logs around the time of the hack and see what went down. Otherwise, no matter what software you move to, it is likely to happen again.
  11. Mike

    Mike XenForo Developer Staff Member

    If you can provide things like raw web server access logs and some of the logging tables in XenForo, I can attempt to look into this. If you are able to provide those (or access to get them), please submit a ticket from your customer area and we'll look into it from there.