MyBB Community Forums

Full Version: malware and forum backup issue
My forum was infected with malware which is apparently affecting many of the GoDaddy-hosted sites.

Since I wasn't able to access through FTP, I've been trying to use the inbuilt backup in MyBB. The problem is that it is returning only 0-byte files. I know for one that the DB files seem to be intact as of now, since I can see them in the forum.

I heard that the original problem was due to a vulnerability in the PHP coding. If so, could anyone tell me which issue with PHP would directly affect backing up of the database? One site mentioned that GoDaddy was running scripts to delete all code like this:

"<php /**/ eval(base64_decode("..."

So if there is a particular issue with PHP or something, we could request the host to resolve it and then take a backup.

How come you don't have FTP access? Or am I misunderstanding you?

I would overwrite all your files (except ./inc/config.php and ./inc/settings.php) with new ones from your version of MyBB and then, if you need, restore your database from a backup. Finally, make sure you're running the latest version of MyBB.

I would be asking GoDaddy serious questions if your account was indeed compromised because of their systems like that.

If the file that creates backups was written to, either you gave the file permissions it didn't need or your hosting account was hacked.

(2010-04-23, 09:06 AM)TimB. Wrote: [ -> ]How come you don't have FTP access? Or am I misunderstanding you?

I would overwrite all your files (except ./inc/config.php and ./inc/settings.php) with new ones from your version of MyBB and then, if you need, restore your database from a backup. Finally, make sure you're running the latest version of MyBB.

I would be asking GoDaddy serious questions if your account was indeed compromised because of their systems like that.

You got it right, the accounts were compromised. Even after restoring the account and changing the password, it keeps getting hacked again. How? That's a million-dollar question which many would like to know.

As for GoDaddy, they are simply putting the blame on customers like typical corporates. And it would be believable but for the fact that most, if not all, of the sites I came across with the same problem had GoDaddy as host. :-|

Since the malware code gets injected into the PHP files, I felt it would be safe to take a backup of the database, which seems completely intact.

Simply searching for "61.4.82.212/js" reveals other sites with this issue.

(2010-04-23, 11:48 AM)MattRogowski Wrote: [ -> ]If the file that creates backups was written to, either you gave the file permissions it didn't need or your hosting account was hacked.

Now that's what I had wanted to know: what are all the files needed for backup to function properly, and what PHP functions need to be working properly for that?

./admin/modules/tools/backupdb.php: making backups via the ACP.
./inc/tasks/backupdb.php: making backups via the task system.

Reupload both of these and try to back up again. As I said though, if these have been written to, it'd be extremely unlikely that the CHMODs had been changed on them, so it'd definitely be a host issue. I hate it when they blame their customers when it's beyond their control.
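
An added example, not part of any post in this thread and not MyBB code: a Python scan of a forum directory for the `eval(base64_decode(` fragment quoted above, separating files that can simply be re-uploaded from the two the thread says to keep (./inc/config.php and ./inc/settings.php), which would need cleaning by hand. The regex, the function names and the sample tree are assumptions made for illustration.

```python
import os
import re
import sys

# Assumption: matches the fragment quoted in the thread, eval(base64_decode("..."
SIGNATURE = re.compile(rb"eval\s*\(\s*base64_decode\s*\(", re.IGNORECASE)
# Files the thread says to keep instead of overwriting; a hit here cannot be
# fixed by re-uploading and has to be cleaned by hand.
KEEP = {"inc/config.php", "inc/settings.php"}


def scan_tree(root):
    """Return sorted (relative_path, line_number, action) for every matching line."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                for lineno, line in enumerate(fh, 1):
                    if SIGNATURE.search(line):
                        action = "clean by hand" if rel in KEEP else "replace"
                        hits.append((rel, lineno, action))
    return sorted(hits)


def build_sample_tree(root):
    """Write constructed sample files (not real MyBB code) for an offline run."""
    # Constructed, harmless line: the base64 decodes to the word "constructed".
    injected = b'<?php /**/ eval(base64_decode("Y29uc3RydWN0ZWQ=")); ?>\n'
    samples = {
        "index.php": injected + b"<?php echo 'forum'; ?>\n",
        "inc/config.php": b"<?php\n$config['database']['type'] = 'mysqli';\n" + injected,
        "inc/settings.php": b"<?php\n$settings['bbname'] = 'Forums';\n",
        "admin/modules/tools/backupdb.php": injected + b"<?php // backup module\n",
        "images/readme.txt": b"eval(base64_decode( in a non-PHP file is not scanned\n",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    for rel, lineno, action in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{rel}:{lineno}: {action}")
```

A clean result only shows that this one signature is absent from the `.php` files scanned; it says nothing about other injected code or about how the account was written to.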