XF 1.5 Somone uploaded porn movies to WindowsAzure directory

[fionix]

I was wondering why "WindowsAzure" is installed when installing the XenoForo and what it is needed for?

Can I delete it, there was 255 GB movies in theres uploadet yesterday..

Is there any help here?

 

[Paul B]

It's unrelated to XF.

You may want to contact your sysadmin or host to determine how the files were uploaded to the server.

 

[TPerry]

It would help if you were a little more "specific". Is this installing it on a Windows Server? Because in all my installs on Linux I've never seen that.

 

[fionix]

Well, that's not what interest me, I already did so.. and they securing the server now.. but why is this installed at all? or is it not part of XenoForo? IF I google it, I can see there are questions here where people ask about to use WindowsAzuru for XenoForo so that's why I assume it is part of the package?

 

[EQnoble]

It is not part of xenforo, it is a cloud computing platform.

https://en.wikipedia.org/wiki/Microsoft_Azure

 

[fionix]

What about the ZEND directory is that part of XenoForo? just wondering..

 

[EQnoble]

As far as I know there is no 'ZEND' directory within XF but there is a "Zend" directory located at /library/Zend/.

 

[fionix]

As far as I know there is no 'ZEND' directory within XF but there is a "Zend" directory located at /library/Zend/.

"Zend" directory located at /library/Zend/ <- that's the one I reffer to. because it is in this DIR they uploaded all they crap

 

[Jake Bunce]

What about the ZEND directory is that part of XenoForo? just wondering..

library/Zend is part of the XF software, yes.

 

[fionix]

okay.. fine..

 

[fionix]

Maybe somone with knowledge should make some information Thread or Blog post with "best practice securing your XenForo"

 

[rainmotorsports]

Maybe somone with knowledge should make some information Thread or Blog post with "best practice securing your XenForo"

There is an article or two for xenforo specifics. Which is basically password protecting the admin login area and something else similar.

The best practices otherwise are the same for any other PHP software. In general either your hosting is properly configured or its not. Xenforo is not likely to be the weak point in your security. Though like anything it could be.

 

[fionix]

do you have any links for these articles you are mentioning?

 

[rainmotorsports]

do you have any links for these articles you are mentioning?

https://xenforo.com/community/resou...and-the-install-directory-using-htaccess.353/

Off hand for the directory protection. Personally I dont do that but it can be useful.

Our server stopped getting exploited the day I got rid of vBulletin and installed Xenforo. Not a single penetration since lol. I don't even think the server is remotely secure but we used to have a weak spot for sure.

 

[adwade]

Here's a couple of other, older similar articles:

Best Way to Secure Your AdminCP

Securing admin.php with a password - nginx