MyBB Community Forums

Well I get on the internet and find 4 emails in my in box saying that 4 log in attempts were made on the admin CP. This has never happened.

I do have some foes on the internet that might have found the forum. The password is not easy but its not hard at the same time. Its letters and numbers.

Maybe a bot? Maybe a hacker I dont know? Its strange! I mean how often do you get warnings of people trying to access your admin cp?

Email 1 -

A user has tried to access the Administration Control Panel for Boring
Online. They were unable to succeed in doing so.
Below are the login details:

Username: joel
Password: xboxrox (MD5: 5d1eb659a6608835aa0a66280ef70436)

IP Address: 4.225.237.19
Hostname: dialup-4.225.237.19.Dial1.Detroit1.Level3.net

Thank you.

Email 2 -

A user has tried to access the Administration Control Panel for Boring
Online. They were unable to succeed in doing so.
Below are the login details:

Username: joel
Password: boring (MD5: 8c32b1f76c746d784f0c1fd005e2a220)

IP Address: 4.225.237.19
Hostname: dialup-4.225.237.19.Dial1.Detroit1.Level3.net

Thank you.

Email 3 -

A user has tried to access the Administration Control Panel for Boring
Online. They were unable to succeed in doing so.
Below are the login details:

Username: Joel
Password: gir (MD5: e589d341207cfa0210eb13e751b4656a)

IP Address: 4.225.237.19
Hostname: dialup-4.225.237.19.Dial1.Detroit1.Level3.net

Thank you.

Email 4 -

A user has tried to access the Administration Control Panel for Boring
Online. They were unable to succeed in doing so.
Below are the login details:

Username: Joel
Password: (MD5: d41d8cd98f00b204e9800998ecf8427e)

IP Address: 4.225.237.19
Hostname: dialup-4.225.237.19.Dial1.Detroit1.Level3.net

Thank you.

-----------------------------------------------------------------------------

Somethings about the IP and Hostname are different. I dont know what to think. I would hope no one would ever gain access to my forums CP.

I'm no expert, but it seems to me like some random forumer tried to log into your administration panel. MyBB uses MD5 "salt" encryption, though, so you should be safe, as this is a very secure password encryption system.

Try contacting the ISP that runs the hostname dialup-4.225.237.19.Dial1.Detroit1.Level3.net. Obviously, it's some dial-up service centered in Detroit. Also, ban the IP address 4.225.237.19.

If your password is not hard, it is not difficult enough I would seriously doubt it is a bot, though, because it was only attempted four times. If I were to spend time building a bot I would be running it at least a couple hundred times, not four times. I would keep an eye out for more notifications but you should be safe.

I learned a long time ago not to post links telling people where my site/forums are located. The reason is because if security vulnerabilities are discovered, I don't want people seeing I use a particular forum package and try to gain access to critical information. It's true that they could find my forums because I keep the footer links, but there's no sense making it easier for them. I used to use another forum package and posted links to my forums and within a couple weeks the developer was posting about a security flaw discovered and told everyone how to determine if they were visited by the intruder. Sure enough, I was. They went through the developer's forum clicking on all the "my forums" links and accessing the admin panels just to show it could be done. So I stopped using that forum and stopped linking to my site/forums

Well someone at The Admin Zone said to change the Admin CP to something other then CP or whatever in Include/Config.php. Thats for vBulletin.

In MyBB you can just rename the directory. If you want the admin link to change at the top too then you need to edit toplinks_admin as well.

Chris Boulton Wrote:In MyBB you can just rename the directory. If you want the admin link to change at the top too then you need to edit toplinks_admin as well.

Is this true for RC3 as well? And also is it possible to relocate the admin CP entirely to another address on the server so it's no longer a subdirectory of the MyBB root directory.

I wouldn't ban the IP address, simply because they are almost always dynamic for dialup users, and usually for broadband as well anyway. You would stop a random user freom that ISP accessing your forum.