xoops.org - being hacked - can we help?

2005-10-21
2012-09-25
  • Ross Linfoot
    2005-10-21

    Sorry to see that the site was hacked again - have you found out where they actually got in? If so, can you post it so that if we have xoops sites we can take action to prevent it happening to ours? Is there anything we can do to help get the site back up, or have you got it in hand?

    Keep up the great work though - I am fairly new to xoops and so far it is working great and it appears that the xoops team is really out to help its users :)

     
    • Ana
      2005-10-26

      I miss xoops and its people, anybody know when it will be back?

      Snowinmyhands

       
      • Harwin
        2005-10-26

        When you look at the Home Page you'll see that they are currently working on it. There were resources added to the site again.

        Things that are as good as XOOPS are worth while the wait.

        Maybe the next release of XOOPS should be called Phoenix.

         
    • biteronboard
      2005-10-23

      Ya this is sad:(

      I think we are all dying for an update. We are all nervous about the security of our own sites. We can be told that xoops is secure and all that but apparently it is not. I don't imagine that the majority of us are targets. However, every single user deserves the chance to protect their work. Do yourself a favor and back up your site now.

      I guess basically we are curious to know what is going on. At least a message on the front page would be nice.

       
    • Harwin
      2005-10-24

      Using XOOPS 2.2.3 I'm not worried about being hacked more than using any other system. In theory everything can be hacked.

      Now it is not hackers I'm worried about because they will let you know where your system leaks.

      The persona non grata who -cracked- the XOOPS site was indeed someone who has been on the inside. So, you need to be worried if this cracker is amongst your members...

      And why he did it (again)? Because he could not stand being thrown out of the XOOPS official support group.
      Well, at least so it seems.

      Again real Hackers are good sports, and no I'm not a Hacker myself, they are the ones who will keep Open Source alive in fact.

      The people at XOOPS know who the person is who attacked their server for the third time in a row.

      Now there is a question mark there, because how is it possible for the same cracker to crack the system three times in a row?

      Well I can figure out only this way: Leeching PHP files that should not be possible to leech at all. Now here is an actual problem that every PHP driven site that keeps its login data in a file is very vulnerable.

      Renaming your config.php file would not be enough protection. Because when there is a cracker who leeches all files and has hatred enough, will probably find the code in the end.

       
    • Harwin
      2005-10-24

    • Ross Linfoot
      2005-10-24

      Thanks for the heads up on that .htaccess modification - I will definitely get it done.

       
    • Harwin
      2005-10-24

      The .htaccess solution works very well. Also consider mainfile.php into the deny part.

      Your web needs to run under Apache though for this to work like it should. Would almost say only Linux/Apache will do the trick, but I'm not completely sure of that.

      <Files mainfile.php>
      order deny,allow
      deny from all
      allow from 10.0.0.1
      </Files>

      Replace with your own IP where 10.0.0.1 is written. Do not know if it would work for a DynDNS address.
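
A way to check that an .htaccess file really contains the deny block from the post above for each file you care about. This is an added example, not part of the thread and not XOOPS code; the function name `audit_htaccess`, the sample text and the acceptance of the Apache 2.4 `Require` syntax are assumptions made for illustration.

```python
import re

# <Files name> ... </Files>, name optionally quoted (does not match <FilesMatch>).
FILES_BLOCK = re.compile(r'<Files\s+"?([^">\s]+)"?\s*>(.*?)</Files\s*>', re.I | re.S)
# Deny-everyone directive: Apache 2.2 style, or the 2.4 equivalent.
DENY_ALL = re.compile(r'^(deny from all|require all denied)$', re.I)
# Directives that let specific clients back in.
EXCEPTION = re.compile(r'^(?:allow from|require ip) (.+)$', re.I)

def audit_htaccess(text, required):
    """Return {filename: status} for each name in `required`.

    status is "missing" (no deny-all <Files> block for that name),
    "open" (an "allow from all" undoes the deny), or a sorted list
    of the addresses that are still allowed through.
    """
    found = {}
    for name, body in FILES_BLOCK.findall(text):
        # Drop comments and blank lines, collapse runs of whitespace.
        directives = [ln.split('#', 1)[0] for ln in body.splitlines()]
        directives = [" ".join(d.split()) for d in directives if d.strip()]
        if not any(DENY_ALL.match(d) for d in directives):
            continue
        allowed = []
        for d in directives:
            m = EXCEPTION.match(d)
            if m:
                allowed.extend(m.group(1).lower().split())
        # With "order allow,deny" the deny is evaluated last and wins.
        if any(d.lower() == "order allow,deny" for d in directives):
            allowed = []
        found[name.lower()] = "open" if "all" in allowed else sorted(allowed)
    return {f: found.get(f.lower(), "missing") for f in required}

# Constructed sample: the block from the post above.
SAMPLE = """\
<Files mainfile.php>
order deny,allow
deny from all
allow from 10.0.0.1
</Files>
"""

if __name__ == "__main__":
    for fname, status in audit_htaccess(SAMPLE, ["mainfile.php", "config.php"]).items():
        print(fname, "->", status)
```

A "missing" result for a file that holds credentials means the rule still has to be added for it; a non-empty list shows which addresses can still request the file directly.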