Site got hacked

[otseng]

The site experienced its first major hack this morning around 7 AM (EST). All the posts got corrupted and forum settings were modified. I have restored the site to the last monthly backup. So, unfortunately, all posts and new members since Aug 9 are lost. I'm currently trying to figure out how the hacker got in. In the meantime, the site might continue to experience problems until a patch is done.

[Vladd44]

If you changed your avatar since the backup date you will need to redo it as well.

[otseng]

I figured out how he hacked the site. I've closed the hole and hardened the code a bit to deter any similar attacks on that functionality. I've also banned the guy's IP.

[wrekk]

I'll never understand what someone could possibly gain from hacking a forum. I guess bragging rights?? It's so sad and ridiculous... let alone senseless.

I feel your pain. I believe all of us here at DCR do as well. Let me know if I can be of any help.

[otseng]

My guess is that he wanted to make a statement. All the posts were mass edited and filled with profanity. Perhaps he was hoping that he can shut this forum down. But, fortunately I was able to restore to the most recent backup. So, though it's painful to lose a month's worth of posts, at least the site is still operational. Also, I had reported it to the phpbb support forum. And it appears that nobody else has experienced this (or at least reported it). So, it might have been a targeted attack.

[otseng]

I traced the hacker's IP back to a referer log of a Google search of "religion forum". So, this hacker was looking to specifically attack religious forums with a particular vulnerability. And this site happens to be the first site in the Google search result and also have the vulnerability.

[myth-one.com]

During this time of tragedy and sorrow this may be an innapropriate time to bring this up. However, I believe I had about 10 million tokens when the system was hacked. Now I have less than a hundred. Can this be remedied?

Thanks,
myth-one.com

PS: In the spirit of Christian love and giving, I'm willing to accept 5 million.

[otseng]

During this time of tragedy and sorrow this may be an innapropriate time to bring this up. However, I believe I had about 10 million tokens when the system was hacked. Now I have less than a hundred. Can this be remedied?

Thanks,
myth-one.com

PS: In the spirit of Christian love and giving, I'm willing to accept 5 million.

You'll have to talk to the accounting department about that.

[Vladd44]

I believe I had about 10 million tokens when the system was hacked. Now I have less than a hundred. Can this be remedied?

Silver and gold have I none, but such as I have give I thee.

No don't try to pick up the bed.... I cannot make you walk either.

Hardly 10 million tokens, but their yours.


--------------------

Update: Tried to donate my tokens to myth-one.com, from his profile, I got this msg.

Fatal error: Call to undefined function submit_post() in /home/dcr/public_html/forum/cash.php on line 244

When trying from my profile the link showed as http://debatingchristianity.com/forum/c ... =mpg&u=566 but clicking it reverted me back to index.php

----------------------------
Sorry Myth, I guess I won't be giving you tokens today. Remind me when it is fixed, and you can have whatever I have at that point.

[wrekk]

During this time of tragedy and sorrow this may be an innapropriate time to bring this up. However, I believe I had about 10 million tokens when the system was hacked. Now I have less than a hundred. Can this be remedied?

Thanks,
myth-one.com

PS: In the spirit of Christian love and giving, I'm willing to accept 5 million.