[fordsho]

My forum has been constantly turning on and off..... so now i receive this email

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

He keeps turning it on and off how can i put an end to this!!

[Lynne]

Contact your host! Why are you not contacting your host with this information?

[fordsho]

This is a registered user inside the database my host has Nothing to do with this.... NVM i guess i asked the wrong Big forum section.

[Neutral Singh]

If you can get into your admin cp then check the recent the admin log and note down all the IPs that have logged in as admin... check out who have registered with those ips and if you find any suspicious username with admin powers... BAN it right now... !! best of luck...

[Boofo]

There is no way he has a program on his desktop that will give Admin rights to any vb site. You think you have problems now, wait until you see what happens if you do give him your CPanel login.

Lynne is right, contact your host. They can help track this down. If it's a user, just look for anyone with admin permissions either as a main group or a second usergroup.

If all he is doing is turning the board off and on, then he doesn't have that much power yet or he would be flexing muscle. Looks like he's running a script somewhere.

[Lynne]

Do you have phpMyAdmin? Do you have it htaccess protected? Do you have your Admin CP and Mod CP htaccess protected?

[fordsho]

i have phpmyadmin ive been going through it but going through a list of 200000 members is a drag... And no i dont have any of those htaccess protected so ill get on it.

[Lynne]

He is either doing this by straight access to the database through phpMyAdmin, in which case looking at the access_logs will help you find exactly who is accessing that directory - use search in your text editor. Or he is going through your Admin Panel and must have admin access so you should look at your Administrator usergroup. And, as I said, you need to protect at least all three of those directories.

[fordsho]

Damn nvm pass protecting the admin cp and mod cp directories didnt work either.... so now whats next.

[Boofo]

Originally Posted by Lynne

He is either doing this by straight access to the database through phpMyAdmin, in which case looking at the access_logs will help you find exactly who is accessing that directory - use search in your text editor. Or he is going through your Admin Panel and must have admin access so you should look at your Administrator usergroup. And, as I said, you need to protect at least all three of those directories.

If this guy was in the DB he wouldn't need CPanel access as the DB is all he wants. If he had Admin CP access, he would lock everyone out until he gets what he wants. The clown is running a script somewhere that is toggling the site off and on. If this guy had any real access at all he would be showing what he could do. He wants the DB to get whatever settings he can so he can do some more scripts. If all he has done so far is toggle the site off and off then that is where he needs to be stopped. And no matter what he does, do NOT give him anything.

[sinfull]

DO NOT, NO MATTER WHAT GIVE HIM ANY ACCESS.
Check all your admin logs, and you should find the culprit.

[fordsho]

No way im giving him access. that would be murder... im looking through logs but i cant see anything. its driving me nutz sneaky little bastard.

--------------- Added 26 Feb 2008 at 19:27 ---------------

Well now im just going to put up a fresh copy of vb just delete all files except the database then upload new files.

[Lynne]

Originally Posted by Boofo

If this guy was in the DB he wouldn't need CPanel access as the DB is all he wants. If he had Admin CP access, he would lock everyone out until he gets what he wants. The clown is running a script somewhere that is toggling the site off and on. If this guy had any real access at all he would be showing what he could do. He wants the DB to get whatever settings he can so he can do some more scripts. If all he has done so far is toggle the site off and off then that is where he needs to be stopped. And no matter what he does, do NOT give him anything.

You are so right! I wasn't thinking clearly about the overall picture of what was going on. I think if this were my site, I'd close it down and delete all my files and put the site back up with a backup from a few days ago.

[fordsho]

Yea im deleting all the files and just puting up new ones but im going to be keeping my current database. as he didnt get in the database....

[Boofo]

Originally Posted by Lynne

You are so right! I wasn't thinking clearly about the overall picture of what was going on. I think if this were my site, I'd close it down and delete all my files and put the site back up with a backup from a few days ago.

He's just running "kiddie scripts" is all. I know if I was a kid with the kiddie script mind-set what I would do if I had access to someone's db. He wouldn't be asking for something he already has access to. Your suggestion is the best way to go at this point.

What a team!