Sub Menu
Links Menu
Online Users

In total there are 319 users online :: 3 registered, 0 hidden and 316 guests

Most users ever online was 1091 on Wed Aug 16, 2023 5:27 pm

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot] based on users active over the past 60 minutes

New security questions and a few others

Support for IntegraMOD 141

Moderator: Integra Moderator

New security questions and a few others

PostAuthor: Texas-Racer » Mon Jun 13, 2011 7:58 am

For what ever reasons hackers love my sight. The hacking into members accounts has stopped, but now I'm concerned with stuff like this.
[img]http://i164.photobucket.com/albums/u27/texas-racer/MOC/Security.jpg[/img]
CrackerTracker has stopped all of them that I know of, but it is getting insanely crazy. The above sample is very light, it is NOT unusual to get 100's of these a week. For the most part all of the attacks are coming from foreign countries. What bothers me is that there is so many a week, what if someone does succeed in there hacking attempt? I started taking notes and noticed some repeat IP's so I started tracing IP's, the biggest offenders are from Poland, Russia, China and Germany and France is starting to get bad. Cracker tracker does not ban IP's, so I started banning IP's, I first check it against member IP's then I ban it. Well that didn't seem to help much, but I did notice a lot of them are coming from the same networks, so I started banning WHOLE networks and that has helped. I bet I have half of Poland, Russia and China blocked now.
This is stats straight from my website, it has been up for 4 years...
Protected by CBACK CrackerTracker
23050 Attacks blocked.
Protected by phpBB Security © phpBB-Amod :: phpBB Security © Has Blocked 999 Exploit Attempts.
Am I freaked out for nothing, or do you agree my site has been insanely attacked?
What can I do to better protect my site?? The checking and banning IP's is just time consuming, I'm sick of dealing with security attacks.
Second part of my questions. How do I stop this from coming up?
http://i164.photobucket.com/albums/u27/ ... Search.jpg
I have two websites, the public one, then one for all of the staff. The second one is where we all go to discuss problems, contest, keep records etc etc. My "staff office" is set up to where it only shows the log in block, and the who is online block. You click forum and it says, This board has no forums.
Well I discovered because of these hackers I can go into the browser and type search.php after the web address of the staff office and a working forum index search pops up. I can type something in the search and it will post topics, authors time and date etc. If I do click one of the topics, it goes to log in page. That search function needs to stop, how do I stop that from happening?
I also discovered that search bots have hacked into the staff office and right now on google my staff contact page is posted..it has their full names, addresses and phone numbers posted. I have no bots allowed to crawl the site, how are they getting through??
A few other questions, how do I update CrackerTracker? It tells me I need to update, but when I go to the website it is all in foreign language. I have searched and searched and I can not find anything in English to update it.
How many banned IP's are allowed on the forum? I have 1,000 easy, probably more.
I'm sorry I know this is long, but I have issues to fix!

Texas-Racer
Newbie
Newbie
 
Posts: 29
Likes: 0 post
Liked in: 0 post
Joined: Sun Mar 27, 2011 8:12 am
Cash on hand: 0.00
Location: Amarillo Texas

Re: New security questions and a few others

PostAuthor: Helter » Mon Jun 13, 2011 11:10 am

unfortunately attacks are commonplace and will not stop until we have better international law enforcement. Obviously though your diligence and the security software are working or your site would have been defaced already.
Your best defense is to keep good file and db backups just in case. If your really concerned, dont depend on the built in database backups as they can be difficult to restore on very large db's. I would suggest using MSQLD ( http://www.mysqldumper.net/ ) for your backup and restore duties.
The CTracker update is pretty simple. It is only two updated files and no db modifications. Ill attach the files. Just overwrite your current files with the new ones

for your private forum you can use your CPanel directory protection with a simple password and email the password to your staff. it is basically just an .htaccess and .htpassword.
before you do it though, rename your current root/.htaccess so your CPanel will not overwrite it, then add your current htaccess info to your new htaccess file at the end of it.
Always use Protection
Image


Please do not PM for support
User avatar
Helter
Administrator
Administrator
 
Posts: 4167
Likes: 0 post
Liked in: 0 post
Images: 0
Joined: Sat Mar 11, 2006 3:46 pm
Cash on hand: 172.60
Location: Seattle Wa
IntegraMOD version: IM 3

Re: New security questions and a few others

PostAuthor: Texas-Racer » Tue Jun 14, 2011 11:01 am

THANK YOU

Texas-Racer
Newbie
Newbie
 
Posts: 29
Likes: 0 post
Liked in: 0 post
Joined: Sun Mar 27, 2011 8:12 am
Cash on hand: 0.00
Location: Amarillo Texas


Return to IntegraMOD 141

Who is online

Registered users: Bing [Bot], Google [Bot], Majestic-12 [Bot]

cron