• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

SQL injection help and prevention

So my website which uses xenforo has been a target of heavy attacks for the last 3 weeks. I guess a hacker group has sworn to take my site down and will not stop until we are gone. I got the following message from our "friends" that they will be now using a SQL injection attack in 2 days and posted some issues and flaws with xenforo. Unfortunately I have no idea to prevent this and what to do to beef up security. Also how to fix the issues stated by these hackers...Any ideas or documents I can start reading up?


Jake Bunce

XenForo moderator
Staff member
Please post the full URLs from that screenshot, or PM me. I will investigate each of the injection claims. But I suspect they are bogus.

There are no known vulnerabilities in the current software. Of course I can't speak for third party addons.
Yes I am running on 1.3 right now, and I attached the following add-ons. I am most likely going to disable it all but XenPortal (unfortunately it will change the site too much) and block file uploads as I know these people are more then capable on doing what they say if they find any holes. That picture they gave me unfortunately was just a screenshot and I don't have the full links... We just blocked all SSH access to start but looking for other security methods we can do.