• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.3 Server error

#1
Logged in this evening and i got 'server error, please try again later'

I go to log in and it bring me to that message again

i typed in the admin page in the www bar and i get this

Code:
Server Error

Mysqli prepare error: Unknown column 'user.user_id' in 'where clause'

Zend_Db_Statement_Mysqli->_prepare() in Zend/Db/Statement.php at line 115
Zend_Db_Statement->__construct() in Zend/Db/Adapter/Mysqli.php at line 381
Zend_Db_Adapter_Mysqli->prepare() in Zend/Db/Adapter/Abstract.php at line 478
Zend_Db_Adapter_Abstract->query() in Zend/Db/Adapter/Abstract.php at line 753
Zend_Db_Adapter_Abstract->fetchRow() in XenForo/Model/User.php at line 427
XenForo_Model_User->getUserById() in XenForo/ControllerAdmin/Login.php at line 10
XenForo_ControllerAdmin_Login->actionForm() in XenForo/FrontController.php at line 347
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 134
XenForo_FrontController->run() in /home/thegamer/public_html/admin.php at line 13
any help please
 

Mike

XenForo developer
Staff member
#2
It looks like the most fundamental column of the user table has been removed. You will almost certainly need to revert to a backup. The key would be attempting to identify what happened -- I basically couldn't guess as there's nothing in the system that would go near that.
 

Brogan

XenForo moderator
Staff member
#6
You will need to contact your host, you appear to have been hacked.

You will need to restore from a backup and also identify how the hacker gained access and stop them from doing so again.
 

Tracy Perry

Well-known member
#8
ok thank you and ive no idea how, i even installed the ACP firewall protection
Odds are you have a simple to guess password in use for either cPanel, your SSH login (if you are using a VPS/Dedi) or your normal forum account.
ACP firewall is OK, but I use 2 factor authentication for my administrative accounts on my forums, Keys and 2 factor authentication for my SSH logins and have NO panels in use, mySQL connections to the port are restricted to localhost and no FTP enabled.

In addition, if you are using any other scripts (WordPress, etc) one of the plugins may have a vulnerability.

Also, for future always perform a manual backup after you get your forum fully configured so that you have a base to go back to and then perform regular backups yourself. Not only of the DB but the forum structure itself.
 
#9
Odds are you have a simple to guess password in use for either cPanel, your SSH login (if you are using a VPS/Dedi) or your normal forum account.
ACP firewall is OK, but I use 2 factor authentication for my administrative accounts on my forums, Keys and 2 factor authentication for my SSH logins and have NO panels in use, mySQL connections to the port are restricted to localhost and no FTP enabled.

In addition, if you are using any other scripts (WordPress, etc) one of the plugins may have a vulnerability.

Also, for future always perform a manual backup after you get your forum fully configured so that you have a base to go back to and then perform regular backups yourself. Not only of the DB but the forum structure itself.
Thanks yes i need to do all of the above to protect my site, my host is doing a full back up for me today so i shall get on it if it can all get sorted today that is
 

Brogan

XenForo moderator
Staff member
#10
Make sure you change your passwords as soon as the restore is complete.
That applies to everything you have installed, including e.g. WordPress.
 
#11
Make sure you change your passwords as soon as the restore is complete.
That applies to everything you have installed, including e.g. WordPress.
I have already changed my cpanel pass, not sure what else i would need to change i shall also change my log in when its back up
 

Tracy Perry

Well-known member
#13
Thanks yes i need to do all of the above to protect my site, my host is doing a full back up for me today so i shall get on it if it can all get sorted today that is
I would not restore from a backup that is known to be hacked (so no real need for them to do a backup of your existing). Hopefully you had a backup from them already prior to the date this occurred?
 

Tracy Perry

Well-known member
#15
Also, is this a VPS/dedi server or shared hosting? If VPS/dedi (and you are using Debian or Ubuntu) start a convo with me. I can probably help secure it down for you (using keys/2 factor for ssh login, etc).

EDIT: BTW, no fee required. Or you can contact me via my Skype contact in my profile.