My SMF Site Was Hacked - SMF Hacked Again

My Smf Site Hacked Smf Hacked Again - Web Design, Hosting, SEO, Client Help - Posted: 26th Aug, 2012 - 7:46pm

Register Login Text RPG Play Text RPG ?     New: 2 48 95 Why Join Help Register/Login via:Register/Login via:
Welcome Guest

+  1 2 3 
Posts: 17 - Views: 3350 Rating: 8/10 out of 7 Votes
Simple Machines
Post Date: 22nd Jul, 2012 - 12:16am / Post ID: #

Admin + Architect
[?] CPosts: 36,663
Posts: 46,694
Avg: 8.5 Post(s) / Day
Activity: 100%
[+] Gain: 2,704.21 FP
Charm: 319

My SMF Site Was Hacked - SMF Hacked Again

My SMF Site Was Hacked - SMF Hacked Again

I titled this Thread like this because I sometimes see people post "help" Requests like this in SMF Help Wanted section due to their site being messed up by someone either known or unknown to them. Usually, the first inclination of the victim SMF user is to blame SMF's software, but here are some things to consider, see if any of them relate to your situation:

1. First, did you have the latest SMF, with all the updated patches / security fixes installed? You won't believe how many people still run massive sites using old software that has many bugs and security holes in it. It is very important to have the LATEST version of SMF installed on your site.

2. Are you are on cheap shared hosting? No matter how secure your SMF is if your host doesn't care much about security then people on other shared accounts can get to you that way, for that matter anyone that visits your site can as well. Stay away from shared hosting if you really care about your site. As a minimum go with VPS (Virtual private server) where you can at least dictate the server software you use and how it responds to requests. You may say that having a VPS or dedicated server is just too much money for you, well as they say "cheap things no good". Being online is a significant investment you need to have a reputable host AND be prepared to spend time ensuring your account with them cannot be compromised.

3. Are you giving out your passwords? I often tell my clients to change passwords often because they are susceptible to being picked at from Emails. You should also choose a password that is not a birth date, your name, etc. See here: Source 3 then you may ask well how will anyone see my password from my Email and that brings us to #4 below.

4. Is your computer secure? Someone can be logging your computer key strokes or spying with you if:
-- You do not have a very good firewall installed.
-- You tend to use public or insecure internet connections
-- You do not have a secure browser
-- You are predictable - in other words you leave traces or habits that a hacker can expect you to make / do. For example: you broadcast to everyone when you are online, what you are accessing, what sites you visit, etc.
-- Your OS (Operating system like Windows, Mac, etc.) is out of date and does not have the latest security patches installed
-- You tend to visit questionable sites
-- You tend to click links in Emails without verifying them

5. Are the permissions on your files correct? On servers that need file write permission you give 'too much' permission then you open your server up to hackers who can adjust your files at will!

6. What kind of Administrator are you? Just one 'tiny' setting can open up your whole SMF to a hack attack because you leave it open for guests or chose the wrong option. You may wish to read over this: Source 1

You need to consider the internet like a big swimming pool with everyone sharing the SAME water you are in. You have to be on guard at all times.

I may add more to this Thread in the future.
SMF Services

Sponsored Links:
Post Date: 1st Aug, 2012 - 8:00am / Post ID: #

Member Junior
[?] CPosts: 49
Posts: 53
Avg: 0.0 Post(s) / Day
Activity: 0.7%
[+] Gain: 200.00 FP
Charm: 8

Again Hacked SMF Hacked Site SMF My

If someone is stuck with shared hosting (at least for a little while), are there any SMF modifications or other ways to protect the site? if you already have good firewall, \private browser, very good active anti-virus, anti-spy, and malware active protection? Have latest SMF and security patches, too, of course. And keep computer clean daily.

I am freq monitoring whose on site a lot and just banning IP's of anybody suspicious, even servers IP's when I can, checking error log freq, have refused all permissions for anyone other than admin except to read - no one allowed to log on, register or post etc; stopped leaving my computer on when I'm not watching it. It's killed my site's numbers by 75% past month, but I don't care about that right now.

I have someone harassing me - my email accounts have had passwords changed twice (yahoo and gmail but not the hushmail acct or twitter - that one's hard to believec). He hasn't gotten thru new modem/router/protective software and new computer, different IP, since I changed everything. Web site was hacked sev times but not lately. I download data every night in case of problems. He even tried to access my cell phone account with phony story and my birthdate but company didn't fall for his line - Thank you Boost Mobile! He was sending unwanted obnoxious spam to my private email accounts - which I've dealt with....

Have changed times when I am on net somewhat; stopped leaving my computer on when I'm not watching it and not using it nearly as much as I was before, just stepping back from net a bit except monitoring site and emails; created really hard passwords and changing them freq on everything; keeping low profile on places where I used to be a lot; created a new twitter acct because he watches my other one to see when I'm online so letting it sit for a while. I know HIS time schedule very well, ck the twitter account he still uses, and watch carefully when I know he is online.

Someone says he is 'cyberbullying' me and has committed crimes by hacking me, but tho phone harassment complaint I took out on him stopped phone calls, none of the police had anything to say about the internet things. He's been doing this constantly for 2 months now. At least 1-2x/week there's something. Different things so never know what to expect.

Just wondered if there were any SMF modifications or other software, anything else, I can do to protect myself from him online?

It makes me want to take computer courses, learn to be a hacker or something so I know more about how they work and don't feel so violated, so helpless...

Coming from an abusive childhood, I think makes it even more difficult for me to feel at his mercy and I want control of my life back again. There are also measures I've taken for my physical safety, tho nothing is foolproof, of course. I should be afraid, he is a violent person...but I'm so angry at all the things he's doing, that I'm not afraid. I would like to be a Navy Seal or Marine and kick his butt. :)
Bullies are cowards.

Post Date: 1st Aug, 2012 - 5:26pm / Post ID: #

Admin + Architect
[?] CPosts: 36,663
Posts: 46,694
Avg: 8.5 Post(s) / Day
Activity: 100%
[+] Gain: 2,704.21 FP
Charm: 319

My SMF Site Was Hacked - SMF Hacked Again Help Client SEO Hosting Design Web

Attached Image QUOTE (LadySaoirse)
If someone is stuck with shared hosting...

Once you are on shared hosting you are susceptible to how the host controls the server as well as the behavior of other shared accounts on that host. Think of a big swimming pool with a whole bunch of people in it. If one decides to pee (sorry for the example) then the water gets carried to all the rest. You cannot put a 'magic' barrier around yourself to stop that 'pee' reaching you.

There are measures you can place IF you have root access to a server which is NOT available in shared hosting: .htaccess, PHP function disables, server firewalls, Mod secure definitions and so forth.

Do note; no amount of security can stop a determined hacker pin pointing you specifically. You can delay him but there are so many ways to hack in or bring down a site. Usually all security settings established by ANYONE that is hosting a site is mostly to stop the average lurker, spider, malicious bot, etc. Not for someone that wants to cause you misery.

Attached Image QUOTE
Just wondered if there were any SMF modifications or other software, anything else, I can do to protect myself from him online?

SMF of itself is just software and secure enough without adding anything to it. This is mostly about your host, your password strength and how secure your online connections are, there is nothing different to what I said above.

Post Date: 8th Aug, 2012 - 12:47pm / Post ID: #

Member Junior
[?] CPosts: 30
Posts: 35
Avg: 0.0 Post(s) / Day
Activity: 0.3%
[+] Gain: 209.46 FP
Charm: none

Again Hacked SMF Hacked Site SMF My

Can SMF have loopholes that aren't discovered as yet? I mean maybe there is a weakness in the source code of SMF that some hacker has exploited.

Post Date: 8th Aug, 2012 - 12:57pm / Post ID: #

Admin + Architect
[?] CPosts: 36,663
Posts: 46,694
Avg: 8.5 Post(s) / Day
Activity: 100%
[+] Gain: 2,704.21 FP
Charm: 319

Again Hacked SMF Hacked Site SMF My

Well of course, as I said before a true hacker determined to get in will eventually get in, BUT in general this is not true. Keep in mind that SMF has thousands of users, therefore if they are hacked and report it then the SMF team can determine if it was something to do with the source coding. There are also ethical hackers that check the software to see if they can routinely hack in. If anything is discovered it is fixed with a patch, hence it is very important to ensure you are always using the latest version of SMF.

Post Date: 16th Aug, 2012 - 6:36pm / Post ID: #

My SMF Site Was Hacked - SMF Hacked Again

Name: Learning

Comments: I learned my lesson from being on shared hosting, it was the pits. There was so much downtime, I got database connection errors and worst of all my site was hacked. Luckily my SMF content wasn't touched and I do make regular backups. I'm on VPS hosting now, sure I pay more but the peace of mind is worth it.
Post Date: 26th Aug, 2012 - 11:45am / Post ID: #

Member Seasoned
[?] CPosts: 385
Posts: 389
Avg: 0.1 Post(s) / Day
Activity: 2.9%
[+] Gain: 73.71 FP
Charm: 2

My SMF Site Hacked SMF Hacked Again

In general one of the big reasons site's are hacked is because the server is not updating their software daily. The reason they limit the updates is because it pulls resources needed on an already stuffed shared server. Some people might start complaining that an update also brakes their site. Web site owners such as in the case where you have SMF you need to ensure your site is constantly meeting the needs of security updates and not the other way around.

Post Date: 26th Aug, 2012 - 7:46pm / Post ID: #

Admin + Architect
[?] CPosts: 36,663
Posts: 46,694
Avg: 8.5 Post(s) / Day
Activity: 100%
[+] Gain: 2,704.21 FP
Charm: 319

My SMF Site Hacked SMF Hacked Again

Good info Geek and it reminds me of something I didn't mention originally... Although you might be keeping the basic SMF up to date you have to do the same with any modifications you have installed because mods can open you up for attack if they are not well written, not for your version of SMF, not updated by the original author to keep up with current versions of SMF or used improperly. I see a lot of sites using the latest SMF but with outdated mods. It is like having a very strong metal door with a weak lock therefore leaving you vulnerable for attack.

Guest please SHARE: "My SMF Site Was Hacked - SMF Hacked Again" on:

+  1 2 3 
Sponsored Links:

We may have more on My SMF Site Was Hacked - SMF Hacked Again, Search first and if not Start A NEW Topic if My SMF Site Was Hacked - SMF Hacked Again is not what you had in mind.
Options Fast Reply Add Reply Add Poll

No Registration Required!

We welcome input from visitors:
Add Comment As A Guest
, please check your grammar before submitting. ?

 Enable Smilies  Enable Signature

Tip TIP: Press above button ONCE only. If you come back here via the [Back] button on your browser then you will need to click [More Options] button (below) first in order to re-enable your ability to Post.

> TOPIC: My SMF Site Was Hacked - SMF Hacked Again



Donate Compare Membership
International Discussions Coded by: BGID® ALL RIGHTS RESERVED Copyright © 1999-2017
Disclaimer Privacy Report Errors Credits

Top 20 Liked

1. Pandora - 331
2. FarSeer - 300
3. KNtoran - 250
4. Vincenzo - 241
5. Nighthawk - 225
6. Funbikerchick - 182
7. Malexander - 149
8. Abnninja - 135
9. Krakyn - 134
10. Kyrroeth - 112
Auto Updated: Every 31 minutes.
11. DianeC - 109
12. Dbackers - 91
13. Howe6079 - 82
14. Bwren - 69
15. Daishain - 68
16. Aericsteele - 67
17. Geenie - 63
18. JPatt - 57
19. Smudge - 52
20. Arvhic - 51

World Issues

USA vs North Korea:
North Korea Nuclear Weapons
versus USA This country is no Iraq. What is the USA going to do? What will be the outcome? By Abnninja 14 Hours Ago
North Korea vs South Korea:
versus North Korea Vs. South Korea By Abnninja 1 Week Ago
North Korea Military:
Discuss  North Korea Military This Thread is about the North Korean Military itself - the kind of army, navy, and air force they have. By Abnninja 9th Aug, 2017 - 2:07am
China vs USA:
USA versus China versus Chinese versus Americans The role of its Army, Politics, and Status in the World. By Abnninja 6th Aug, 2017 - 1:47am
USA vs Syria:
versus U.S.A. Is Syria the next Iraq? By Abnninja 4th Aug, 2017 - 4:48pm
Russia vs. Syria:
Syria vs Russia By Abnninja 4th Aug, 2017 - 4:40pm
USA vs Germany:
Germany versus U.S.A. By Abnninja 2nd Aug, 2017 - 5:36am
Japan vs North Korea:
North Korea versus Japan versus War With Japan By Abnninja 29th Jul, 2017 - 7:42pm
China Military:
China Military Technology Preparing For China. China is growing their military. China Military Technology - can it keep up with the US? By Abnninja 5th Mar, 2017 - 5:25pm
China Navy:
Chinese Aircraft Carrier
China Navy Beware the new Naval power, they are planning to come on stream with big naval might to match their ground forces. Chinese Aircraft Carrier - Chinese Navy By News 17th Dec, 2016 - 12:39am