MyBB Community Forums

My site has been hacked today 2 times in this week and that hackers change styles index only (in all styles) - and admin password

when i talked to server supporter he said that is the Security problem in this files some thing about coikies

[php]


ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' the latin model' (/task.php')
ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' the latin model' (/index.php')
ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' the latin model' (/css.php')
ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' the latin model' (/css.php')


what can i do , i am simple user but i changed admin dir an make a password on it by cpanel

my forum 1.4.13

thanks for helping

Mr Tim your wonderful

I would first open your FTP client and order your files by creation date and remove any files created since your hacking (attachments excluded). Then overwrite all your MyBB files with a fresh copies from a new MyBB download.

A few other things to check:

• Make sure MyBB is the only thing installed on it's database and that your databases each have different users.
  
• Make sure you use a different password for MyBB to your usual passwords (in case you were phished)
  
• Restrict the permissions of any other admins to only those they need (ACP > Users & Groups > Admin permissions)
  
• Look for modified templates (the title of modified templates turns green) and use the DiffReport feature to look for anything suspicious and either delete that code or revert that template
  

Finally get any information you can from your hosts or server logs.

I have the same problem. Today my mybb forum has hacked, apparently only changes the index page and the admin passwords deleted. How I can enter in control panel if the admin password is deleted??

Thanks

Blank your salt and replace your MD5 with this: 098f6bcd4621d373cade4e832627b4f6
Then you'll be able to login with the password test.

Also what versions are you guys running?

1.4.9 and several plugins

I protect the admin directory with htpasswd but I think the problem is some type of Mysql injection, if discard the phising.
The "hacker" changed the index editing index templates, and changed password & email of all admin accounts.

So you're running a version 4 versions old, released a whole 10 months ago, when there have been several security fixes since then, and you're asking why you're being hacked?? I can't remember off hand what the security fixes were or if they could cause this, but why have you not upgraded your forum for so long?? What if an important security fix had been made??

Yes, but the user that starting this thread have installed the last mybb version and they have the same hacking (edit index page and changed admin pws).

Till now i accept Registration by my self only after i look to ip

is there any security plugin to stop hacking board... latest version

NO I DON'T KNOW HOW THEY DID THAT

but i am in safe side by closed Registration