XF 2.1 someone hacked my forum

itstuff

Member
hello,

someone hacked my forum and copy my all database and post on another site...

please anyone here who can find the error in my forum, how hacker got my database of my forum

please please expert please help me.

am not feeling secure anymore..please help.

thanks
 
Here,
 
Xenforo did. They removed the addons and banned the user. Trying to type the word results in *******. Zero search results too.

Unfortunately that is a major fault, since there is no search results to show how poor their practices were.

Search on theadminzone.com
I would say Xenforo admins should write in Terms of xenforo that harmful add-on is blacklisted because new users not aware about these blacklisted add-ons
 
No, but due diligence is the responsibility of the site owner, research the developer or addons before you add them to your site.
I agree, even with addons that are sold/promoted on Xenforo.

Interestingly, the 3rd result in Google should be sufficient :) (should....)
 
I generally don't give much more than a glance at a site's content for very quick jobs. No time for distractions when working.

I initially took a look at it back in early January when he had performance issues (database had some bad settings, like a query cache over 512MB in size). I looked again today after he said there are more issues. This time I went through pages to look for queries which are problematic or anything else suspect before I started a file scan. Well, I found his site is has a section trading database dumps, stolen credit cards and stolen gift cards.

I logged out of ssh immediately, closed the browser window, notified him I can't work for him, and I'm walking away. I will not knowingly work with any site which does this sort of thing.

Indeed someone has hacked the site because on the first visit in a private window it will sometimes throw a malware warning. If it's Briv* then it's ironic.
 
I generally don't give much more than a glance at a site's content for very quick jobs. No time for distractions when working.

I initially took a look at it back in early January when he had performance issues (database had some bad settings, like a query cache over 512MB in size). I looked again today after he said there are more issues. This time I went through pages to look for queries which are problematic or anything else suspect before I started a file scan. Well, I found his site is has a section trading database dumps, stolen credit cards and stolen gift cards.

I logged out of ssh immediately, closed the browser window, notified him I can't work for him, and I'm walking away. I will not knowingly work with any site which does this sort of thing.

Indeed someone has hacked the site because on the first visit in a private window it will sometimes throw a malware warning. If it's Briv* then it's ironic.
Can you tell me what theme it was?
 
Can you tell me what theme it was?

Honestly, I don't know, I was paying more attention to addons and things in the MySQL config files than anything else.

It was one of those black site designs with loud graphics, garish icons and bizarre mix of anime/gamer style avatars so common with gamer sites so I assumed it was a gamer site before immediately diving into work. I blame myself for assuming that. I won't make that mistake again.
 
Those addons you had purchased were nulled and pirated. They were not from the original addon developers.

Not to mention that the content on your site is in violation of rule #3 of the license agreement.
 
Last edited:
Top Bottom