|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
hi looking for some advice and help. on the forum i run we had 3 admin status users but i had to ban one. now everytime i try to loggin my passowrd has been changed so i have to get other admin ueser to going and change the password so i can logging. can you help here by telling me how he can do this as he is been ban from the forum please and how to stop it. we know it is the admin person who was ban because even text me saying he did. please help it is getting very annoying Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
well, if he was admin, he knows a heck of a lot about your board.
ie: mysql login details, paths and stuff...
did you just ban his username? IP ? what?
what kind of knowledge is this person? is he a programmer type? just a joe blow web user?
have you examined the admin logs to see what is going on?
what version board are you running?
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
hi he know alot about computer and editng and websites. the version we are using is 7.3b5. i think we just ban the name how do you ban the ip address. yes i have exmaind the logs and can not see anything strange. Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
yoursite.com/admin/membermanage.php allows you to ban his IP, although if he's web savvy he'll just use a proxy to get around that. i'd change the mysql password too and also configure mysql (if possible) to only allow localhost connections. if he knew the FTP password, then nothing you do will stop him from screwing with you.. you'd need to change that too.. you mighta banned him too quick, before getting all the stuff secured i guess i'd have to look at it closer to see what's going on though..
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
cheers for that how do i change mysql password is that the password for my own server. i have change the password for FTP password. thanks for the infor what happen if you say you have forgot my passward to the forum where does the new password go to just had a thought. Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
forgot password sends an email to the email address on file (in the DB) for that user, so he could have changed YOUR email address to one he has access to and just does a forgot password on your account to change it every time.. changing the mysql password is usually done from your site's cpanel (not the ubbthreads admin cpanel), but the one that your host setup for you. also, if this guy had access to that cpanel, you should change that password. and he could have easily installed a software page that allows him backdoor access at anytime.. so dunno what kind of access he HAD, but if he had full access to your site, you are screwed if he really was good enough to put stuff in like that.. to help more, you should really describe what kinda access he DID have before.. cpanel, mysql, domain admin? what was it? was he the one responsible for upgrading your ubbthreads too ? the MORE he had, the worse situation you are in
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
it was person we thought we could trust and he had full access to the site and the server where the forum is kept
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
you are perty much screwed -- you'll need to change the main host account password and any email that might be HIS that is attached to administering it, then change the mysql password.. right now, he can just go into phpMyAdmin and do anything he likes.. and this is not to preclude him having some sort of software already installed that allows him in at anytime too.. this is where you'd need to look at the apache logs and not only the ubbthreads logs.. in short -- it's UGLY!
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
cheers for you help where do i find the apache logs is that on my host directory Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
you really need professional help at this point. me replying in this thread and back/forth prolly ain't gonna solve your problem(s). if you are wondering where the apache logs are on your box, then the other guy already has you beaten..
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
cheers for you help would you have look or is that to much to ask Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
it's not too much to ask, when you have money to spend on me but for free? this needs more than just a casual look / fix..
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
ok let me know much you are looking for, if this can be fix
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
it's best that you just PM me with details on your server and we go from there..
not a good place to have all this in an open thread...
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
|
|
|
|
Joined: Jun 2006
Posts: 16,300 Likes: 116
|
Joined: Jun 2006
Posts: 16,300 Likes: 116 |
He could have also installed 3rd party utilitiees to login to the server... :ahem:
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
yah, it's really not worth it for me to go in and search around for stuff he might have put on there.. its too expensive..
i'd suggest you find a way to make nice with the guy.. it's a lot cheaper than what it would cost to hire me.. and then there are really no guarantees. if he was very web/server savvy, you may be forever compromised until you move off that server and start fresh..
thanks for the PM, but i don't think i want to get into this mess..
|
|
|
|
Joined: Jun 2006
Posts: 16,300 Likes: 116
|
Joined: Jun 2006
Posts: 16,300 Likes: 116 |
I'm generally more than willing to dive through the server; however it'd likely take several hours and there would be no definitive guarantee against missing something which may be hidden well...
|
|
|
|
Joined: Jun 2006
Posts: 811
old hand
|
old hand
Joined: Jun 2006
Posts: 811 |
On top of everything SD pointed out, as an added layer of protection, be sure to change your email account password.
|
|
|
|
Joined: Feb 2007
Posts: 1,294 Likes: 2
Veteran
|
Veteran
Joined: Feb 2007
Posts: 1,294 Likes: 2 |
I once messed with someone on a board that gained access to something on one of my boards. IF you allow HTML in post's nothing you do is going to help you as he may have installed a HIDDEN javascript that sends him the login name and password for everyone that reads that post.
Just a thought, took the dude a year to find it on his board, LOL.
But I'm also not suggesting ever doing this and if you did you would really need to know your stuff to pull this off and need a web server of your own to retrieve the data without being noticed as well.
|
|
|
|
Joined: Apr 2008
Posts: 46
newbie
|
newbie
Joined: Apr 2008
Posts: 46 |
hi all cheers for your help it has got far worse now the person in question has somehow closed the forum down and delete all the users even mine. any idea how i can reopen the forum. help Carlos
|
|
|
|
Joined: Apr 2007
Posts: 3,940 Likes: 1
Former Developer
|
Former Developer
Joined: Apr 2007
Posts: 3,940 Likes: 1 |
i believe i said 'you are screwed' -- so hopefully you had your host make or YOU made a backup of your mysql DB ?
if so, then moving to another host is the 1st step..
the other thing would be to scrub your DB for any stealth admins..
change all your existing admin psws...
bleh.. it's a mess, but you need a backup of your DB to at least start with.
|
|
|
|
Bots
by Outdoorking - 04/13/2024 5:08 PM
|
|
|
|
|
3 members (Nightcrawler, Stovebolt, 1 invisible),
907
guests, and
160
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|