2012-02-16, 10:40 AM
Hello, my forum got hacked a while ago and i THINK it was by SQL injection as they deleted a database and uploaded 2 files which were virus's.
but i had backup's (luckily) and now its backup but this was a while ago.
The person who was the messenger boy between me and the attackers said that they just wanted me to pay them for hosting (they are a web hosting company but not popular)
So i said no, and now they have stopped.. now, i thought it was SQL injection as i thought this was the only way to hack a forum? Messenger also told me that they cannot do it without having a account with admin powers on it so now i am the only admin but i can't be worried about being hacked 24/7.
I now have my own server but i am not experienced at all.
It has a firewall named config server security or something similar and it uses iptables. My host installed this for me as i can't use SSH whatsoever.
Do you have any idea what plugins are a major risk? also, do you know any good free vulnerability scanners as i know they exist but are not free also people do this manually? how? wouldn't you have to go through every single file?
Thanks, my URL is not posted as i did not think it was needed and also because it looks nasty as i am editing the theme
Thanks, Again.
but i had backup's (luckily) and now its backup but this was a while ago.
The person who was the messenger boy between me and the attackers said that they just wanted me to pay them for hosting (they are a web hosting company but not popular)
So i said no, and now they have stopped.. now, i thought it was SQL injection as i thought this was the only way to hack a forum? Messenger also told me that they cannot do it without having a account with admin powers on it so now i am the only admin but i can't be worried about being hacked 24/7.
I now have my own server but i am not experienced at all.
It has a firewall named config server security or something similar and it uses iptables. My host installed this for me as i can't use SSH whatsoever.
Do you have any idea what plugins are a major risk? also, do you know any good free vulnerability scanners as i know they exist but are not free also people do this manually? how? wouldn't you have to go through every single file?
Thanks, my URL is not posted as i did not think it was needed and also because it looks nasty as i am editing the theme
Thanks, Again.