phpBB Academy at StarTrekGuide

[skyrfox]

please help me to secure my site.i'm novice in phpbb but i'm tired to see my work distroyed 2 times in one week.please sugestions...

[wired076]

Please advise version of phpBB used, php version, what modifications are installed.

Also what other software is installed on your site and are you on shared, vps, dedicated or some other type of hosting?

This is a hard question to ask anyone without them being able to study your setup in detail so any information you can give us will allow us to provide suggestions for you to implement.

As always you should always try and keep everything up to date on you server and do regular backups to prevent and minimise the stress/problems caused if/when this happens and to remove any easily hackable targets on the server.

[Erik Frèrejean]

There are no know security issues with any phpBB 3 version at this moment. Therefore its most likely that this hacker entered your server through an other piece of software and exploited you through that. Please check whether all the software you are running is up to date with their latest version.
If you want to make sure that this isn't caused by phpBB you can submit a ticked to the phpbb.com IIT

My board has been hacked, what do I do?
Please do the following before making any modifications to your board (this includes changing passwords, editing files, running the admin toolkit, etc.):
1) Save a copy of the files (simply create a local copy of the files on the server).
2) Save a copy of the database.
3) Save the server access logs for the time of the hack (they may be available in the 'logs' directory on the server, in your host's control panel or only by request directly from your host).
4) File a report in the incident tracker. Attach the items from steps 1-3 when you file the report or upload them to a secure location for the incident investigation team to download. Please do not start a new topic on the board, the proper place for incidents reports is the tracker.