2013-03-24, 06:59 PM
So this is my first post here on MyBB but i have been using MyBB for awhile now and along the way have picked up some security techniques. In this tutorial i'm going to show you how to remove the ability to backup your database via the AdminCP and here's why. To be fair there's no point in there being an option to backup your database via the AdminCP, for starters it's just an easier way for a hacker etc to get your database and any site owner can backup their database through their phpmyadmin. Anyway onto the tutorial.
1). Locate the files, backupdb.php and optimizedb.php in the directory, YOURADMINCPDIR -> modules -> tools. Now with these two files just simply delete them.
2). In the same directory locate the file, module_meta.php. Open it up and go to line 28 and comment it out and do the same to line 29 so the 2 lines now look like this,
3). Now locate the file, module_meta.php in the directory YOURADMINCPDIR -> modules -> home. And open it up. Now go to line 67 and comment out that line so it looks like this,
4). Now you're done, there will be no option to make database backups via your AdminCP, when users go to the url to make a backup they will be presented with a PHP and SQL error which may surprise them .
1). Locate the files, backupdb.php and optimizedb.php in the directory, YOURADMINCPDIR -> modules -> tools. Now with these two files just simply delete them.
2). In the same directory locate the file, module_meta.php. Open it up and go to line 28 and comment it out and do the same to line 29 so the 2 lines now look like this,
//$sub_menu['60'] = array("id" => "backupdb", "title" => $lang->database_backups, "link" => "index.php?module=tools-backupdb");
//$sub_menu['70'] = array("id" => "optimizedb", "title" => $lang->optimize_database, "link" => "index.php?module=tools-optimizedb");
3). Now locate the file, module_meta.php in the directory YOURADMINCPDIR -> modules -> home. And open it up. Now go to line 67 and comment out that line so it looks like this,
//$sub_menu['60'] = array("id" => "backupdb", "title" => $lang->database_backups, "link" => "index.php?module=tools-backupdb");
4). Now you're done, there will be no option to make database backups via your AdminCP, when users go to the url to make a backup they will be presented with a PHP and SQL error which may surprise them .