is that so easy to hack IPB ? :(

[OrangeMood]

is that so easy to hack ipb? because my forum hacked twice in 2 month, 1st table ibf_post deleted, when i;m using 2.1.4 then now table ibf_member deleted now i'm using 2.1.7 . :( what should i do to make this board secure? i'm update the security patch issues, maybe should i change to vbulletin?

this is the message, now i'm trying to restore from the last backup last week. :( blah... headcache...

---------

mySQL query error: SELECT m.id, m.name, m.mgroup, g.g_access_cp FROM ibf_members m, ibf_groups g WHERE m.id=1 AND g.g_id=m.mgroup AND g.g_access_cp=1

SQL error: Table 'orange14_newforum.ibf_members' doesn't exist

SQL error code:

Date: Saturday 18th 2006f November 2006 07:05:19 AM

---------

Edited November 18, 2006 by OrangeMood

[DreadBoat89]

you are using 2.1.4... which has so many issues. especially when the latest is 2.1.7 and 2.2 is coming out shortly...

your board is getting hacked because you arent updating

[OrangeMood]

you are using 2.1.4... which has so many issues. especially when the latest is 2.1.7 and 2.2 is coming out shortly...

your board is getting hacked because you arent updating

no, sorry i'm not write it, now i'm using 2.1.7 and still hacked...

[Snoopy2005uk]

make sure your passwords are secure, ask your host to check what IPs have been accessing your database and block it.

Maybe you have done an upgrade wrong? are you 100% sure its been hacked?

[Cole]

make sure your passwords are secure, ask your host to check what IPs have been accessing your database and block it.

Maybe you have done an upgrade wrong? are you 100% sure its been hacked?

The main IPB company website has been hacked on it's own waay too much. Switch over to another product like vBulletin or Mybb or something similar.

[Fred Derf Veteran]

The main IPB company website has been hacked on it's own waay too much. Switch over to another product like vBulletin or Mybb or something similar.

They can all be hacked. IPB has had a bad few months, that I won't deny, but it happens to all of them.

So far, we haven't had to restore any backups or deal with any complicated problems.

/me knocks on wood.

[omegabyr]

Make sure any mods that you have installed are up to date.

[Quillz]

The main IPB company website has been hacked on it's own waay too much. Switch over to another product like vBulletin or Mybb or something similar.

And when those solutions get hacked, then what?

[Tomi]

The main IPB company website has been hacked on it's own waay too much. Switch over to another product like vBulletin or Mybb or something similar.

Yes, because those products have never been hacked. Right. :rolleyes:

IPB's been the main target over the past few months, and since then, IPB 2.2 has taken lots of security audits to make sure that the possibility of a repeat doesn't happen again.

You can't ever be fully secure these days, that's starting to grow impossible as knowledge grows.

Anyways, check for any backdoors. In 2.1.7 there's a security centre 'feature' that can help you do that, in the ACP.

[alen33]

convert to vb, save urself the hassle

[wctaiwan]

:/ Just keep your board updated... I suppose that's all you can do. And converting to another system won't necessarily solve the problems, they'll just hack you all the same. There is no absolutely secure bulletin board software.

wctaiwan

[Schentler]

also ... make daily backups of your site!!!

[roosevelt]

Here are some some of the things you need to do or watch yourself for.

• Look around your IPB board folders and search for any file names with config.txt, c.txt, database.txt and/or conf_global.txt. Some retarded web host are so bad that sometimes an exact copy of a file with php extension of those names are re-created with the .txt extension. And makes it really easy for the hackers to open those files and read your database details.
  
• Use a php script which downloads your database and sends them via email to you. Then setup a cron job to execute that file.
  
• If you have phpmyadmin or similar files under /www or /public_html then get rid of it from there.
  
• If your config files or something that shouldn't be accessd by http:// then CHMOD them to 644 for the files and 755 for the folders.
  
• I hope you are not running a nulled/cracked version. Because hacker/crackers actually leaves back doors open.
  
• If you are hosted in a shared server, then make sure in apache (if using) Prevent Users from reading other webroots is turned on.
  
• Switch to vBulletin. I used phpBB, IPB, WowBB, and many others. Among them vBulletin was really cool with me.
  

That's all I can think of.

[lerum]

IPB 2.2 Final is coming out really soon, I'd wait till that comes out rather than shed out more money for vB.

After their experiences with flaws in IPB 2.1 they put IPB 2.2 through a security audit to make sure its even more secure :)

[Quillz]

convert to vb, save urself the hassle

Except that vB can and has been hacked in the past. vB is no more secure than IPB.

[roosevelt]

Dude everything that that has a lock can be opened. In other words if you claim IPB is more secure or vB is more secure then both of you will be wrong. Its just a matter of time or how many hackers out there trying to break which lock first.

[p858snake]

have you been banning the ip's that have been attacking your forum from the site

[ßéár]

also ... make daily backups of your site!!!

I do that, they get send to my e-mail and backed up on my site too.

[Victor V.]

Some warez products come with hidden codes to hack newbies. That's why you should make sure you took it from IPS Corp...