Hey all, I was looking for some help in trying to get rid of this god damn idiot that likes to wipe our website and they use it to forward our site onto adult sites.
At first I thought it could be spy ware, but after uploading the backups I created of our site via (old school MacOS 9.2.2) and we’re still getting hacked. I beginning to wonder if the asshole some how has left a line of code in my previous back-ups and is still getting in even after completely reinstalling php-fusion v.6.00.305 onto my site. I started with v.6.00.305 and still would love to use it… but at this rate it’s almost not worth it if I keep getting hacked.
I’m wondering if somehow they were able to store information to my mysql database and record my information… or even if they might be running a XML script in their signature within their profile.
All I know is once I’ve put back up our site, it usually takes the hacker a few minutes to a couple of hours & it’s gone again. They take one of the .htaccess files and make it a 403 redirect to an adult site of their choice. Now I currently have a few images I’ve upload back onto my site, and just an index.htm file.
It’s been up almost 24 hours which to me says that they must be getting in via fusion somehow because it usually is hacked every 2 hours. I have no other MySQL databases running. My cPanelx has 32 characters mix with symbols, numbers, punctuation, and letters. They can’t be accessing my cPanelx directly.
My host doesn’t know what to do when I ask them for help because they say it’s low level security issue that I should be able to fix… yet they can’t seem to do anything to help because they are pointing fingers at php-fusion or pointing fingers at me saying it’s probably a Trojan or SpyWare. Yet I uploaded the back-ups of my site via MacOS 9.2.2 and still I’m getting hacked? I wonder if there truly is an infected file or a command string within fusion I’m unaware of.
I was hoping that there were a couple things that could be done but was unsure of,1. Is there anyway to record in php what the hacker is doing? Like recording their steps so that I can put a stop to how they are getting in? Maybe even set something up and transfer the information to another site or through an e-mail. (Just guessing here)
2. Is there anyway to make the passwords longer then 20 digits? (i.e. 32 – 64 digits) Is there also a way to make them not just alphanumeric? Like including punctuation & symbols? Here is a good password generator I use: (
http://www.winguides.com/security/password.php)
I would love to know how this asshole is getting in, and if it’s a security issue then I want to let php-fusion know ASAP so it can get corrected in future versions. If you have any comments or question please reply as I’m getting rather desperate seeing how I couldn’t keep our phpBB2 discussion board alive, as they hacked the **** out of that one too. Fusion was suppose to be the alternative to phpBB2 and also be a new facelift on our site… but right now it’s not doing a damn thing.