Thread Rating:
  • 2 Vote(s) - 3 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Tutorial] How to Help Secure your Forums from being Hacked/DDOSED
#8
I have changed the title of the Topic with a better choice of words now.

(2012-12-03, 12:22 AM)Nathan Malcolm Wrote: I can think of 20 methods off the top of my head to hack a forum, and none of the above posted are included. Security is a process, not a product. The above might help to some degree, but it won't prevent your forum from being hacked.

Yeah, but this tutorial eliminates the common ways of getting hacked.

- If no one else can get hosting on your server, then they can't use any shell to gain access to your files as they can not upload anything. (Which is how most forums get hacked anyways [Especially the ones advertised at HF])

- They can't bruteforce SSH/yourlogin since you disabled it and only the owner can access it via console.

- They don't know your servers REAL IP, so they couldn't use a Putty client and try to bruteforce a login to your VPS

The only way they could hack you now is by exploiting myBB, which should be pretty hard.

Even if they use the upload attachment feature, and successfully upload a shell, it will most likely not work as we have disabled the main Symlink functions, but there are shells out there that still bypass it, their hard to find though.


Messages In This Thread
RE: [Tutorial] How to Help Secure your Forums from being Hacked - by imtiax - 2012-12-03, 12:25 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)