XF 2.1 someone hacked my forum

ozzy47

Well-known member
Here,
 

itstuff

Member
Xenforo did. They removed the addons and banned the user. Trying to type the word results in *******. Zero search results too.

Unfortunately that is a major fault, since there is no search results to show how poor their practices were.

Search on theadminzone.com
I would say Xenforo admins should write in Terms of xenforo that harmful add-on is blacklisted because new users not aware about these blacklisted add-ons
 

woody

Active member
General rule of thumb is if an addon developer is not promoting their services on here, stay away from them.
Is that specifically noted when users purchase Xenforo? ie: outside of "just knowing", how would a new XF Admin be aware of this?
 

ozzy47

Well-known member
No, but due diligence is the responsibility of the site owner, research the developer or addons before you add them to your site.
 

woody

Active member
No, but due diligence is the responsibility of the site owner, research the developer or addons before you add them to your site.
I agree, even with addons that are sold/promoted on Xenforo.

Interestingly, the 3rd result in Google should be sufficient :) (should....)
 

Manster54

Well-known member
Is that specifically noted when users purchase Xenforo? ie: outside of "just knowing", how would a new XF Admin be aware of this?
Really, a stern warning about potential danger of addons should be prominent. I do see your point here.
 

MySiteGuy

Formerly ftsservice
I generally don't give much more than a glance at a site's content for very quick jobs. No time for distractions when working.

I initially took a look at it back in early January when he had performance issues (database had some bad settings, like a query cache over 512MB in size). I looked again today after he said there are more issues. This time I went through pages to look for queries which are problematic or anything else suspect before I started a file scan. Well, I found his site is has a section trading database dumps, stolen credit cards and stolen gift cards.

I logged out of ssh immediately, closed the browser window, notified him I can't work for him, and I'm walking away. I will not knowingly work with any site which does this sort of thing.

Indeed someone has hacked the site because on the first visit in a private window it will sometimes throw a malware warning. If it's Briv* then it's ironic.
 

Blatchy

Active member
I generally don't give much more than a glance at a site's content for very quick jobs. No time for distractions when working.

I initially took a look at it back in early January when he had performance issues (database had some bad settings, like a query cache over 512MB in size). I looked again today after he said there are more issues. This time I went through pages to look for queries which are problematic or anything else suspect before I started a file scan. Well, I found his site is has a section trading database dumps, stolen credit cards and stolen gift cards.

I logged out of ssh immediately, closed the browser window, notified him I can't work for him, and I'm walking away. I will not knowingly work with any site which does this sort of thing.

Indeed someone has hacked the site because on the first visit in a private window it will sometimes throw a malware warning. If it's Briv* then it's ironic.
Can you tell me what theme it was?
 

MySiteGuy

Formerly ftsservice
Can you tell me what theme it was?
Honestly, I don't know, I was paying more attention to addons and things in the MySQL config files than anything else.

It was one of those black site designs with loud graphics, garish icons and bizarre mix of anime/gamer style avatars so common with gamer sites so I assumed it was a gamer site before immediately diving into work. I blame myself for assuming that. I won't make that mistake again.
 

ozzy47

Well-known member
I would say Xenforo admins should write in Terms of xenforo that harmful add-on is blacklisted because new users not aware about these blacklisted add-ons
It may have not been because of an addon for your XF site, someone might have targeted your site specifically due to some of the content you have on your site.
 

ozzy47

Well-known member
Those addons you had purchased were nulled and pirated. They were not from the original addon developers.

Not to mention that the content on your site is in violation of rule #3 of the license agreement.
 
Last edited:
Top