Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to reinstall a fresh copy of MyBB without data loss
#1
Hello!

I'm using the latest version of MyBB software and i'm new to it.My forum's root directory was infected by some abuser who uploaded a login folder to my root directory by creating a phising link,i have removed the link but i am having continous FTP password changes on my forum.

My ACP password isn't changed but the FTP has been changed already twice in the last month.

The FTP pass is the same that is used to access the Control Panel.That means,i am neither able to access CP nor FTP.

What could be causing this?I think there are some infected files in the forum's root directory and i would like to reinstall a fresh copy of MyBB.

But my problem is how to do it without losing the database and every single setting?

Please help me.

I'm worried.

Thankyou.
Reply
#2
(08-12-2018, 07:07 PM)kingkong Wrote: Hello!

I'm using the latest version of MyBB software and i'm new to it.My forum's root directory was infected by some abuser who uploaded a login folder to my root directory by creating a phising link,i have removed the link but i am having continous FTP password changes on my forum.

My ACP password isn't changed but the FTP has been changed already twice in the last month.

The FTP pass is the same that is used to access the Control Panel.That means,i am neither able to access CP nor FTP.

What could be causing this?I think there are some infected files in the forum's root directory and i would like to reinstall a fresh copy of MyBB.

But my problem is how to do it without losing the database and every single setting?

Please help me.

I'm worried.

Thankyou.

For starters... you need to change the AdminCP password. I'm surprised that you haven't figured that out.

Then... change the password for the FTP and the cPanel, but DO NOT make them the same password for both. Don't do it. 

In short... you need 3 different passwords. 

Do it now before someone does take over your entire setup.
I'm Serpius and You're Not
[Image: 5M7sb0n.png?1]
Reply
#3
You can save a backup of all files and the database for analysis later, then change your passwords for the server/hosting management panel, the email account it's tied to, etc., all the way down to MyBB administrator accounts; to make sure the filesystem is clean, you can:
  • use some software (e.g. WinMerge on Windows) to list differences between the set of files than your board runs off and a fresh MyBB package and manually delete/restore files that might be malicious, or
  • remove files (saving a copy of the uploads/ directory, and other ones if needed, like inc/plugins/, but you would have to review their content to make sure they don't contain malicious code) and upload files from the fresh MyBB package, upload inc/config.php (here is the code that generates it - it shouldn't contain anything else) and make sure the installation can connect to the database (with content intact) and restore the content in uploads/,
after that you would need to make sure there are no additional administrator accounts or unsafe settings (like allowed HTML in posts); the guide at https://docs.mybb.com/1.8/administration...rotection/ should help, but also take a look at other security-related ones at https://docs.mybb.com/1.8/administration/security/.

The DVZ Integrity Tools plugin can point out specific differences between current and original files as well as changes in the database structure.
devilshakerz.com/pgp (DF3A 34D9 A627 42E5 BC6A 6750 1F2F B8AA 28FF E1BC) ▪ keybase.io/devilshakerz
Reply
#4
Thanks for the explainations.

I would like to add that i am not using any strange softwares on my PC,it has been formatted since the last password change.I use filezilla to transfer FTP files.

The plugins i am using on my forum are:

   

   

My ACP password has been changed since the last FTP password change from abuser and since then i have already changed the name of my admin directory using the Honeypot plugin.

So,now my question is "how is it possibile that the FTP pass is changed again for the second time?"

Is it possibile that the hosting company is facing security issues?

And could you let me know if this is the proper way to make a backup?

   

Thankyou.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)