>> Site Map >> Forums >> PHP-Nuke Security
Forum module - topics in forum:
PHP-Nuke Security - Been hacked? or have a question about securing your site, here's the place.
Hacked By Team Maroc Vip
I keep getting my site hacked by “Hacked By Team Maroc Vip”. Which is becoming a real pain now as I’m on my forth re-store (only replaced file at the moment should I restore my database as well). At first they just changed the Index.html and Index.php files, but every time I fix it there do more and more damage. The last time they managed to delete whole the site.
I tried to install Sentinel, but I could not do all the modifications to install it. I running on a Resecured PHP-Nuke 7.6 version, and I think that this is the problem as it is not a true 7.6 version install (or is it).
If I rebuild the site with 7.6. Am I able to carry on using my existing database, or will I have to start again?
www.dcmclub.co.uk
Dindamer
have you heard of ravennuke? it's 7.6-based with all the patches applied and sentinel comes with it.
are you remembering to delete/rename your install files? i always got the impression that is how some of the more serious hacks are done.
I personally cant see that changing/deleting your files and database would have anything to do with your nuke version, surely this is a server security issue, maybe I'm wrong.
Try contacting your host for access logs to try and find out how they are doing this.
And just for info the NSN Resecured nuke is much better than the standard nuke, it includes the current patch which would've been available when you used it.
I've spoken with my host, and they say that it must be a scripting issue in nuke. I don't know about that, but they have not really been much help. Just told me to report the abuse to the hackers host.
What security can I install on the site. to try and prevent this from happening again?
| Quote: : |
| What security can I install on the site. |
http://www.nukescripts.net/modules.php?name=Downloads&cid=700
Hi,
I've redone my site. Installing all the latest patches and installing NukeSentinel which does seem to be working, but some how today Team Maroc VIP still managed to rewrite my index.php and config.php.
Does Sentinel not provent this or have I not configered it correctly? or could this be a security issue with my host?
Once again I'll say
| Quote: : |
| I personally cant see that changing/deleting your files and database would have anything to do with your nuke version, surely this is a server security issue |
I can't see how a nuke security system such as sentinel will stop access to your hosting to change or delete files.
Once again I'll also say
| Quote: : |
| Try contacting your host for access logs |
You'd probably be best asking over at http://ravenphpscripts.com/ about what sentinel can and can't block.
Also, maybe coppermine is your problem, that was vulnerable for a long time and they even stopped porting it for nuke.
Maybe try another gallery script, gallery2 is good I believe, never used it myself.
