XF 1.5 Security Question

Hi

Our volunteer techy help and site admin had a fairly major disagreement about 4 months ago - one of them hacked the site and basically totally buggered it up - we had it rebuilt and it is on a new server. Today one of the old techy people sent me an email telling me he still has an old backup (about 4 months old) and intends to use the "passwords and scripts" in it to destroy the site. We are a not for profit organisation supporting people who are suicidal and have mental health problems - I have 30k members that come to the site for support and, well, in a lot of cases to keep themselves alive.

We have changed all the server passwords, cpanel, root, ftp and the works. All the admin passwords for xenforo have been changed too. I believe that the passwords in the database are (or should be) all encrypted. I have no idea what he means when he refers to "using the scripts".

Any ideas on precautions I can take besides what I have mentioned to protect the site for our members? And what kind of risk I am looking at (we have a full current backup - it is taken daily server side)
 
As long as your passwords are all changed and you have no compromised scripts on your server, then you should have little to worry about.
 
That would depend on what you're running. Just XenForo? XenForo + Wordpress? XenForo + 3 things?

The more you expand out the more chance of something being compromised.

When you got your new server running, was it with fresh files or files from the old server?
 
You can check for any file that is not part of xenforo or any of the other software that you are using. But if that person has gotten only an older database, I do not see how he can heck you. The passwords are encrypted in xenforo, but to make sure change the admin password and ask your other staff members to do the same.
 
Louise,

If someone threatens you the normal thing to do is to report it to the Police isn't it.

The guy in question isn't in the UK or the US - I don't think the police of his country would actually care, though thank you for the advice.

You can check for any file that is not part of xenforo or any of the other software that you are using. But if that person has gotten only an older database, I do not see how he can heck you. The passwords are encrypted in xenforo, but to make sure change the admin password and ask your other staff members to do the same.

I have changed all the admin passwords and all the server passwords just to be safe (though I don't know how he'd have got those anyway) It's good about the passwords being encrypted. I will see if my colleague knows how to check for files that are not part of our software. Thank you.

That would depend on what you're running. Just XenForo? XenForo + Wordpress? XenForo + 3 things?

The more you expand out the more chance of something being compromised.

When you got your new server running, was it with fresh files or files from the old server?

We are running Xenforo, Wordpress and a Chat software. I don't have the skills to do more than a cursory look at the files. Maybe I just need to hire someone to take a proper look at it all from a security point of view. We did transfer files from the old server which is my big concern - I don't know if our old webmaster wrote in back doors and the like, and I haven't the first idea how to find them if he did (let alone close them). I will see if I can find someone to look at the files and stuff. I'd rather fork out some cash than wake up in the middle of the night in a panic!

Thank you all for your help/advice :)
 
We are running Xenforo, Wordpress and a Chat software. I don't have the skills to do more than a cursory look at the files. Maybe I just need to hire someone to take a proper look at it all from a security point of view. We did transfer files from the old server which is my big concern - I don't know if our old webmaster wrote in back doors and the like, and I haven't the first idea how to find them if he did (let alone close them). I will see if I can find someone to look at the files and stuff. I'd rather fork out some cash than wake up in the middle of the night in a panic!

Thank you all for your help/advice :)

If you transfered the files from a server where that admin had access to, then you must check them as soon as possible.
 
Back
Top Bottom