Hacked again!
Hacked again!
The forum has been hacked again.
If you have logged in and only received a blank page your password might have been compromised. (This is unclear but expect the worst.) Please change your password to a new one without any delay.
Some parts of the forum might still not work. I am working on fixing it but I really do not understand how these things works. (Somehow someone think that it is fun to hack a forum run by someone who is defenseless and know nothing about how things work.) Please let me know if you find something broken.
Sorry about the inconvenience.
If you have logged in and only received a blank page your password might have been compromised. (This is unclear but expect the worst.) Please change your password to a new one without any delay.
Some parts of the forum might still not work. I am working on fixing it but I really do not understand how these things works. (Somehow someone think that it is fun to hack a forum run by someone who is defenseless and know nothing about how things work.) Please let me know if you find something broken.
Sorry about the inconvenience.
I tried to change the password but apparently I can't remember it correctly (damn autocomplete), so I used "Forgot my password" to reset it, but I get the following error:
It seems like they were smart enough to change the password recovery too. What should I do now?
Code: Select all
General Error
Could not find email template file :: user_activate_passwd
DEBUG MODE
Line : 111
File : emailer.php
Why choose when you can combine?
Mc_ntk:
Please read PM.
Everyone:
Please all update your passwords. There is no guarantee that the hackers have not gotten access to the current ones even if you have not been logging in during the hack. Changing passwords regularly is a good thing to do no matter what. The script mentioned above works perfectly. (It was never hacked, it was just messed up by me.)
Please read PM.
Everyone:
Please all update your passwords. There is no guarantee that the hackers have not gotten access to the current ones even if you have not been logging in during the hack. Changing passwords regularly is a good thing to do no matter what. The script mentioned above works perfectly. (It was never hacked, it was just messed up by me.)
Did something happen to the PM part of the forum? I have tried to reply to a PM that came just before the last attack, and both messages I have tried to send seem to be stuck in the outbox. If they were sent they should be in the sentbox. When I wrote them, I hit the send button, and after a few seconds the "Your message has been sent" message popped up, so I thought they had gone, but they are still in the outbox.
There's a fine line between cuddling and holding someone down so they can't get away.
The beatings will continue until morale improves.
Do not meddle in the affairs of dragons - for you are crunchy and good with ketchup.
The beatings will continue until morale improves.
Do not meddle in the affairs of dragons - for you are crunchy and good with ketchup.
I was about to post the same thing as Ken. It would probably be more secure, although you'd have to spend a little more time (as would everyone) learning the new system.
If you'd like to upgrade I don't know how your backend works but I'd recommend setting up a subdomain like test.boundanna.net and copying over your databases and files. Upgrade the test domain, let a few people know when you're doing this so they can help you beta test it. Do this for a couple weeks and then make it live by upgrading the main site.
Once you have determined what bugs need fixing and have smoothed out some of the wrinkles in the test site you can make the new launch on the main site much smoother with possibly only a day or so if downtime.
If you need any help in this matter let me know, I've been working with personal sites and friends etc in one way or another for years. I'm pretty good at this web stuff
Edit: Actually after I posted this I decided to run a test on my own personal webserver. I want to familiarize my self with this and see what it's like. PHPBB2 vs. 3
If you'd like to upgrade I don't know how your backend works but I'd recommend setting up a subdomain like test.boundanna.net and copying over your databases and files. Upgrade the test domain, let a few people know when you're doing this so they can help you beta test it. Do this for a couple weeks and then make it live by upgrading the main site.
Once you have determined what bugs need fixing and have smoothed out some of the wrinkles in the test site you can make the new launch on the main site much smoother with possibly only a day or so if downtime.
If you need any help in this matter let me know, I've been working with personal sites and friends etc in one way or another for years. I'm pretty good at this web stuff
Edit: Actually after I posted this I decided to run a test on my own personal webserver. I want to familiarize my self with this and see what it's like. PHPBB2 vs. 3
No, the PM function was not affected. When you send a PM it appears in the outbox until it have been read by the receiver. It is moved to the sentbox when the receiver have read it.cdinbonds wrote:Did something happen to the PM part of the forum? I have tried to reply to a PM that came just before the last attack, and both messages I have tried to send seem to be stuck in the outbox. If they were sent they should be in the sentbox.
An update to PHPBB3 is planed but no date have been set yet. The current forum is as safe as a PHPBB2 forum can be. No hackings have been done from within the forum. The hackers have gained access by other means and that should have been fixed now.ken1985 wrote:Just a question: wouldn't it be better to upgrade to phpBB 3.0.2?
It seems like this forum is still using phpBB 2.0, which has some
known exploits in older versions...
Thanks, I remember that when/if things does not work out.Dominion wrote:If you need any help in this matter let me know, I've been working with personal sites and friends etc in one way or another for years. I'm pretty good at this web stuff