They hack I unhack. Who will get tired of it first?

Salome

Administrator
After communicating with vBulletin and our hosting provider it looked like there were two possible avenues the hackers used to get in. One is a hole in the vBulletin software and the other a security issue with our hosting provider. To eliminate the latter, we moved the forum to a different service provider. So we closed the board ourselves while we were doing that maneuver. It's freaking huge and takes forever to transfer.

While we do back up the forum, I'm glad they didn't delete it. It looks like they just replaced the homepage with theirs. I know they sent members a weird email, and we apologize for that! It appears that they were not able to access anyone's email address. It looks like they sent their email through the forum system mass member email feature. All passwords are encrypted. Even if someone gets Admin access they are not visible.

That's all I have to report for now.
 

Zorba

"The Veiled Male"
What a pain. I've moved sites from one hosting provider to another in the past - its tedious even with a small site. And there's always "some issue" that doesn't work the same way on the new site that has to be fixed, although very careful coding will minimize (but not eliminate) that.

Good on Salome and Anatoly!
 

Salome

Administrator
What a pain. I've moved sites from one hosting provider to another in the past - its tedious even with a small site. And there's always "some issue" that doesn't work the same way on the new site that has to be fixed, although very careful coding will minimize (but not eliminate) that.

Good on Salome and Anatoly!

Yeah, pain in the booty! Anatoliy was up till 4 am moving all the files. I had to give it up and go to bed at around 2! Thanks for the kudos ;)
 

Suheir

New member
Yeah, pain in the booty! Anatoliy was up till 4 am moving all the files. I had to give it up and go to bed at around 2! Thanks for the kudos ;)
Aw, you guys! :cool: We really appreciate all the hard work that you put into this site.
 

Salome

Administrator
I have a question to pose to all our members. First a bit of back ground...

When there is a hole in vBulletin software, hackers use Google and other search engines to search for folks using, for example, Version 3.7.1 vBulletin forum. The search engines return results of websites using this 3.7.1 vBulletin forum. So you can be hacked at random and it's not a personal attack OR if I had a particular grudge against something I found immoral, let's just pick something at random... how about belly dance. I'm a hacker and I know of the hole in this version of vBulletin, I can do a simple search and viola. The hackers visit, enter through the hole they know exists and do their thing.

If you search in google "3.7.1 vBulletin dance forum" we are on the first page in fourth position. If you search "3.7.1 vBulletin belly dance forum" we are on the first page and occupy the first 3 positions. Suffice it to say this forum is very visible.

Aside from upgrading, patching, moving servers etc. there is one additional thing we can do to protect ourselves. And that is eliminate the text "powered by vBulletin" from this entire forum (you can find that at the bottom of every page on this forum and other forums by vBulletin).

I should say that this will not completely eliminate the possibility of being hacked but it will greatly reduce the chances. As google and other search engines will not 'see' any vBulletin text, our forum will not be returned in results when hackers search for any version of this software.

This is available from Jelsoft but it will cost us an additional 120 US dollars per year. This forum costs Anatoliy and I about 700.00 dollars a year, not including the above mentioned. That covers the license for the software, domain name, monthly hosting etc. Which we are certainly happy to pay! We were wondering though if any of the members would be up for donating a bit toward this additional 120 expense. Let us know your thoughts.
 

Mosaic

Super Moderator
We were wondering though if any of the members would be up for donating a bit toward this additional 120 expense. Let us know your thoughts.

I don't mind paying something, It's a great place to hangout and you and Anatoliy do a fantastic job.

Thanks heaps for the hours of upkeep you put into this:clap::clap:

~Mosaic
 

Mosaic

Super Moderator
Well, I'm old, bitchy, and a MALE! That'll fix 'em for sure! :lol:
Hackers beware! Zorba is here .... along with a few cranky old dames - myself included ancient and dancing and all - I'm pretty good at mixing cement and I am sure we could fashion a few sets of concrete shoes to encase young hacking whipper-snippers in. Oh what punishment to stand them in a row and all the olds gather round to dance with shimmies, zills loudly playing, landing the odd swipe with veil and cane ... now would that, do you think scare them away, never to be seen again!:lol:
~Mosaic
 

Farasha Hanem

New member
I checked my e-mail yesterday, but didn't see anything unusual (I didn't open any e-mails up, either, just in case). But then when I went to come here, I got that stupid hacker message...grrrrrrr!!! Could just going to my e-mail page caused it? :think:
 

Mosaic

Super Moderator
I checked my e-mail yesterday, but didn't see anything unusual (I didn't open any e-mails up, either, just in case). But then when I went to come here, I got that stupid hacker message...grrrrrrr!!! Could just going to my e-mail page caused it? :think:

Caused what? I am a bit confused as to what you mean.

If you are concerned that some virus or something came through your email or by logging into the forum, no they were ( I think - some young men/women) who were just being totally annoying and probably trying to freak everyone out, as it appears to have on Bhuz.

Anatoliy & Salome I am sure have solved the issues of how they managed to hack into the site.

If it is something else that worries you regarding email/logging into forum, can you explain , or maybe someone else will know what you mean:)

Sorry to be so dense
~mosaic
 

Safran

New member
Oh dear, basically two days without the forums, how did I survive :shok:
Well, at least life is never boring on these boards... ;)
I am so glad they left everything in place though.
 

Marya

Member
I have a question to pose to all our members.

This is available from Jelsoft but it will cost us an additional 120 US dollars per year. This forum costs Anatoliy and I about 700.00 dollars a year, not including the above mentioned. That covers the license for the software, domain name, monthly hosting etc. Which we are certainly happy to pay! We were wondering though if any of the members would be up for donating a bit toward this additional 120 expense. Let us know your thoughts.

Salome,

How many people use this forum? I bet if you set up a paypal account for forum expenses you will easily make $120, maybe even the whole $700. This is truly a service you provide and I for one would gladly donate $10-$20 once in a while to help keep it going.

Marya
 

Mariyam

New member
Salome, wasn't it possible, not so long ago, to donate via PayPal? In any case, I'm ready to make a small contribution!

Bad hackers... bad bad bad
 

Raven

New member
Well, one hour ago the forum was hacked by some Saudi hackers. It didn't take long for me to fix the forum. However I still didn't find the hole they got in, so it's not patched and they can do it again. I contacted the VBulletin team (we run our forum on their software) - hope the hole will be found and fixed before those losers come back again. It looks like after they hacked the forum they sent e-mails to all our members. Sorry about that.

I know - I was really shocked when I logged in. Good job with fixing it! :dance:
 

adiemus

New member
set up a paypal account and I'm in like flyn!

Bouquets to you and Anatoliy
View attachment 1546

... I've offered before, but if you ever catch those dupes who hacked - I'll play my ZILLS for HOURS and HOURS! for FREE!!! right in their ears, OUT OF TIME with the music!
 

Salome

Administrator
Thanks to everyone for your support.

For folks who are willing to throw some change our way, Anatoliy will set up a paypal button. I'll annouce it here when it's ready :)
 
Top