to my forum the last couple of days. I have 6 plus pages of new "members" registered to my forum which are obviously spammers. I had two security questions to answer and just added another but it doesn't seem to stop them from registering.
I just tried to log into my forum and I get the following screen and message:
There appears to be an error with the database.
If you are seeing this page, it means there was a problem communicating with our database. Sometimes this error is temporary and will go away when you refresh the page. Sometimes the error will need to be fixed by an administrator before the site will become accessible again.
You can try to refresh the page by clicking here
Does anyone have an idea how I can fix this? I haven't done anything or changed anything so I'm not sure why this message is coming up.
I think I cleared up a Google redirect hack but then I tried to instal ip board 3.4.1 and now when I click on Admin CP I get a brand new "test forum" what have I done wrong? I think I must of moved the folders into the wrong place?
I think I may have run an install in the admin section? if you go to my board, its off-line but if you sign in you can still look at all the posts so the info must still be there.
Board as it is OFFLINE:
This is what I get when I click on ADMIN CP:
Ive never installed or upgraded an IP board and obviously Ive done something majorly wrong. Can anyone help me fix this please?
Im not using VPS at least I dont think I am. I dont even know what VPS is. I have that in "" as it was a quote from another member who is having the same problem. In fact lots of people are. It seems there is a security patch out now but I didnt receive an email. Even if I did I dont know how to upload a patch...
I have changed server hosts since the last time this happened and the forum was completely re-installed fresh and its only just happened again in the past week. The problem isnt showing on any of my other sites which leads me to believe the security breach was through IP software/boards, plus the fact its also happened to so many other people http://community.invisionpower.com/topic/372259-i-got-hacked-but-how/ at the same time seems like a bit of a coincidence?
I just wanted a forum to support my main website so like minded people in the same hobby could come for a chat. We don't have many active members. In fact we lost quite a few the last time this happened. I enjoy using my forum and chatting but it cost me money to keep it going (invision licence fees etc) which Im happy to pay but Im not very technical and dont understand 90% of what is spoken about (technical stuff) on these support boards. It just seems a bit daunting and tiring to think you have to put a lot of time and effort in just to keep ahead of the hackers, check your security, logs etc etc just to keep a forum working..
I hear what you are all saying, no site is unvulnerable to hackers but do you think some bigger sites and software operators like this one are prime attraction to hackers? My friend uses a completely different forum software which is little known and he never seems to get any hacking problems.
Anyway my spirits are slightly lifted since it looks like as a very generous and helpful member on these support boards is helping me with this problem.
Looking at the list on front page a few boards are getting hacked and its very frustrating! for me as Im not very technical and its going to be hard and time consuming to fix it.
I clicked to visit my site and was redirected to this page:
AVG says it is a
BlackHole Exploit Kit:
"A type of crimeware Web application developed in Russia to help hackers take advantage of unpatched exploits in order to hack computers via malicious scripts planted on compromised websites. Unsuspecting users visiting these compromised sites would be redirected to a browser vulnerability-exploiting malware portal website in order to distribute banking Trojans or similar malware through the visiting computer.
Blackhole exploit kits are based on PHP and a MySQL backend and incorporate support for exploiting the most widely used and vulnerable security flaws in order to provide hackers with the highest probability of successful exploitation. The kits typically target versions of the Windows operating system and applications installed on Windows platforms."
A couple of weeks ago my board was down and my server providers said VPS memory usage spiked. This seems to have happened to other ipboard users too.
Recently I have also had lots of spam users trying to join.
Another member on these support forum posted this:
"DreamHost notified me that my VPS memory usage spiked, so I checked it out, and found the zx.php file you mentioned and I immediately deleted the three instances of it that I found (uploads/profile, hooks, and cache). I uploaded the security fix that was released today, and then went through the logs. Only one IP was explicitly trying to access the file, so I banned that IP via htaccess. Also, I saw a bunch of guests repeatedly accessing the logging system. After a few more IP bans via htaccess, the website is back to normal. I ran the security tools that IPS provides to check for unidentified files and it came back clear. YMMV."
I'll try and figure out and follow their guidance but I really dont have time for this cr*p.