Just been hacked :(

Mby some more info? Like which version?

Which version of PHPFusion do you have?
Which infusions & mods did you install?
What's the url of your site?

Thats why we - Website owners USE BACKUPS.

But think about if you created really big community which is so... 3 years old. How big is the whole web? Will you create you backups every day? It takes too much. But one time a week... mby...

But anyway, lets hear from the author what happened there...

I am using version 6.01.13

As for mods and infusions - I only had one, it was a Web page wrapper, which i think was still in beta stage, perhaps this was how my site got hacked.

It got hacked again this morning, while my server was restoring files from a previous back up. So not everything lost, but still a real pain!

url: www.walthamforest-fc.co.uk

Then do not install this infusion again, delete the files and wait if you get hacked again :D

And very important:
Change all your passwords!
Including the passwords of your PHPFusion-Account, FTP and mysql!

And look at your server, if there are any files, which had been modified by the hacker! They often leave some bad files on the server...

Yep already done that, really hope it doesnt happen again! :(

Hi,
Like other know my site was hacked in september.
2 reasons for that:

1. Bad infusions - do not use unchecked and not proven infusions
2. Always use latest version of PHPFusion

And, usually do backup , every few days will be OK.
I also copy entire site to my hdd, for security.

My site got hacked just the other day (the reson I have been looking through the forums here.) It's not a pleasant sight when you go to log on and some propaganda picture comes up and your headings have all been changed to a foreign language :(

Anyways, I was running 6.01.13 and the only mods I have running are an advanced file uploads one and a calendar.

The advanced file uploads infusion is pretty old from Wooya on PHPfusion Mods but it's exactly what I wanted, should I upgrade it to something more recent anyways, or does anyone know if this one is deemed safe? Also, the Calendar I'm not 100% sure which one it was because I deleted it immediately after reading another post on here. I would really like to have a calendar on the site if anyone knows of a safe one?

Nonetheless, it doesn't look like they did anything crucial to the site other than change the setting in the system/main area which displayed their crap all over the main page. I deleted all files from the server and reinstalled a fresh copy of PHPfusion just in case so hopefully this doesn't happen again.

There is one calender, which is safe:
http://beta.phpfusion-mods.com/forum/...rowstart=0

Same here, home hacket first though a calender, disabled that on, the they went through hall of fame Infusion :( solved by banning all ip from turkey in my router (with a little help from http://ip.ludost.net/, could use a infusion, that combined country codes to the blacklist

Wherefrom you want to know, that you were hacked through the Hall Of Fame Infusion?

If you are talking about this infusion, then please report me via PM, how they hacked it!

Sorry :| wrong ref, it was through the team_mod, they found out from that who was admins, and then they forced their way through resetting one of the admin password.

ok, then I am tranquilised, because I coded the Hall Of Fame :P

could easely been one of your infusions, coz your site in under my favorite site to look for infusions that works first time ;)

Only a part of the infusions, which you find at my site, are coded by me ;)

But all my own infusions should be secure (so I hope) ;)