I was told by someone that my SSH 5.X is vulnerable. He said I should update to 5.3??
I have never used SSH on my site and I was told by another person that it is off by default.
Should I be concerned with that?
And I was told XSM is a problem with my site?
these are not MyBB issues, they are related to your hosting account. Are you one shared hosting or a VPS, I assume shared since you don't use SSH. That means you can't update it and your host can only do that.
What about XSM? there is a guy who is a "hacker" and told me my site is vulnerable. I just want to patch all this before something happens. Is there someone here who can help me?
![[Image: 1sOnp]](https://camo.mybb.com/84e40747774c5d18653031ca43f964486b10013d/687474703a2f2f7075752e73682f31734f6e70)
Someone was able to generate this error and determine my cpanel password.
How was this done?
That error indicates the file mentioned there as not being present.
Anyway, what version of mybb are you running? If you are not running the latest version then upgrade a.s.a.p. Also make sure that you use the latest versions of any third party plugins/scripts etc that you have running in your server space.
That being said, from what you are saying it looks like the security vulnerability should be looked at the host. Contact them and tell them your worries so they can take the necessary precautions.
I am running the latest version.
All my plugins are up to date except the Google SEO update. The latest one just came out 4 days ago and haven't updated yet.
And I contacted my host and they said everything is updated. They are a well known company. Hostgator.
I have a weird feeling someone is just trolling you. Have you seen any actual evidence that you have a problem with your software, or is he just telling you/providing you with random error screenshots?