mynameiskhan Posted January 7, 2011 Report Posted January 7, 2011 Dear Nabeel hi need urgent response on this i have installed PHPVMS for one of my VA name virtual airblue and from 3 days now somebody hacked it changed removed my ID posting wrong things on site changing site details how he breeched access into admin cpanel plz help URL http://vpia.org/virtualairblue/ Quote
TAV1702 Posted January 7, 2011 Report Posted January 7, 2011 I checked your site out and you are out of disc space on your hosting package. That's what all them errors on your site are. As far as the hacking part goes, I am not sure. Quote
Moderators mark1million Posted January 7, 2011 Moderators Report Posted January 7, 2011 And the function put contents is your files setting the cache needs to be 777 or like Tav said your out of space. If your passwords have been compromised then you need to also identify what else has been created and cleanse it. Change cpanel passwords, take all your sites off-line, change ALL your mysql db passwords update the local.config.php, make sure you recognise ALL files on your host. Easiest way is to delete them all if you are unable to do that, firstly making a backup and moving to your pc. Reinstall phpVMS in to new databases and database names, check that no one has updated their own permissions to admin or you will be in the same boat again with regards to access. Quote
TAV1702 Posted January 7, 2011 Report Posted January 7, 2011 And I am guessing the hack would have been server side. I have never heard of anyones phpVMS getting hacked other then that forum deal a bit back. But even then it wasnt phpVMS. It was a script I added to the forum. Quote
Administrators simpilot Posted January 8, 2011 Administrators Report Posted January 8, 2011 Check the cpanel logs and see what ip's have logged in to the panel. Most likely someone has the password and went into the database and manually assigned themselves as an admin to gain access to the va site. If it were someone with more info and knowledge than that there probably would not be anything left of the site at all. phpVMS also logs some info in the admin section, if it were news and such posted you should be able to see what id posted it. Mark speaks the truth as well, change everything as far as logins, even if you think it has not been compromised. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.