Okay, my site has been hacked twice now, and this one is a mere take-over, minus the Cpanel, which my co-administrator has. I can't afford to get hacked again. If I would have known this was going to happen, I wouldn't have even tried a round number 3. I know that if I just plain give up, I'm letting the hacker win, and I don't want that. I could move to a more dedicated server, or I coujld start totally from scratch, but I don't want to do that either. What would you guys suggest? My suggestion would be to find a server that isn't prone to hacking, change my username and pass to something I probably won't even remember, and go from there. What do you think?
What should I do? About my forum
- Thread starter AnAccount
- Start date
Re: What should I do?
You should be fine on a host, just as long as your password is strong etc, you have the same chance of getting hacked on any host.
You should just stick with it. Get your staff to change your passwords and take regular back-ups so you can just re-store if you go down.
You should be fine on a host, just as long as your password is strong etc, you have the same chance of getting hacked on any host.
You should just stick with it. Get your staff to change your passwords and take regular back-ups so you can just re-store if you go down.
I have a very dedicated staff member who takes daily backups, so I don't know why I'm getting upset, when it's just over nothing. I know it's my fault. As soon as we're back up, I am going to get my co-administrator to come up with a really good password for me and that's the one I will use for that forum. I don't want to give up because I put so much time and work into it.
CyberFreak
Legendary Typer
Passwords are one way to get in but it can be through various methods. If they gained access through out of date php version or something on the server then moving hosts would benefit. If it was done by guessing a password (which i am guessing this case is baring in mind it was a take over) then you must have a secure password. Use a random password generator or hit random keys on your keyboard and add some capitals in. Make it really long 15 or 20 and the write it down on a bit of paper and place it somewhere you know where it is.
Unless you secure up your password, this will keep happening whether you start a new forum or not. There are other ways to get passwords (including random ones) but if it is not random then there is more chance of it being cracked.
Unless you secure up your password, this will keep happening whether you start a new forum or not. There are other ways to get passwords (including random ones) but if it is not random then there is more chance of it being cracked.
Well, I'm staying on the same host, and thankfully it wasn't my account that was cracked, but my co-administrator's so I'm thankful for that. But yeah, I will be staying at the host we are at now, and I will be doing a strong password.
CyberFreak
Legendary Typer
Make sure all staff have secure passwords aswell 😉
Watch Me Sink
Madly Diligent
Even if you have a sticky note on your computer with a secure password on it (doesn't mention which site it is, so that others in your house/dorm can't hack), you should be fine. Or even if you have a Mac, you can use Dashboard:Ashley said:
The way I do it is I pick a word in a foreign language (or even Gaelic), randomise the capitalisation and switch it to 1337. Then I add in a few symbols.
Example:
1)feirmeoir
2)f3irM3oiR
3)[f3irM-3oiR#
There is a reasonably easy to remember 12 digit password. It's in a foreign language, so dictionary attacks won't be able to crack it. Not only that, but it is distorted by converting it to 1337 and adding in additional symbols.
Example:
1)feirmeoir
2)f3irM3oiR
3)[f3irM-3oiR#
There is a reasonably easy to remember 12 digit password. It's in a foreign language, so dictionary attacks won't be able to crack it. Not only that, but it is distorted by converting it to 1337 and adding in additional symbols.
DarkRaven said:
I don't know that many foreign languages, though. I am Polish, so I suppose I could go look up a word in Polish and use that as a password. As for 1337, isn't that what people call that l33t Sp33k or whatever it is? Of course, that could be something else totally I'm thinking of.
Kirisute Gomen said:Even if you have a sticky note on your computer with a secure password on it (doesn't mention which site it is, so that others in your house/dorm can't hack), you should be fine. Or even if you have a Mac, you can use Dashboard:Ashley said:
I don't have a Mac, I have a Vista. As for my passwords, I usually write them down in a notebook and hide them someplace where only I can find them. What I sometimes do is, I write down the site's name, but I don't put the url-- for example, I'll put Forum Promotion, but I won't put anything like http://www.forumpromotion.net and then I'll just put the password next to the name of the site. That's currently what I'm trying to do now at the moment.
Fowler said:
Yeah, once we actually get back up, I might have a rule where my staff should change their passwords often to avoid this happening again. Thankfully, there's only one other administrator, so we're the only one's who have to worry about the site being taken down, otherwise it's just a global moderator.
Jabberwocky
Addicted
Good luck at getting your site back up.
As I've said before, more than likely it wasn't you being "hacked". The person had to of guessed your password, meaning you were cracked.
The #1 reason forums are trashed and/or deleted is because of admins who use weak "forumowner", "jonaslover", etc passwords.
The #1 reason forums are trashed and/or deleted is because of admins who use weak "forumowner", "jonaslover", etc passwords.
Jabberwocky said:
Thanks.
General Grievous said:
The cracking wasn't my end. It was my co-administrator, he was saying he had a password that he was using on another forum that he used for ours, which is why it got cracked. It wasn't my fault this time.
Yeah...I was going to ask if you were hacked, or cracked. And if it was you that got cracked or someone else.
What I do to up security:
Hide my email from all guest and member viewing and use a secret email only for the forum.
Use a password I never use anywhere else and needs to be specially keyed in it's so long and convoluted.
Do the same thing with the email pass.
Browse the net with lots of safety stuff like Adblock and Noscript, or use another browser altogether when I'm never logged into my forum.
What I do to up security:
Hide my email from all guest and member viewing and use a secret email only for the forum.
Use a password I never use anywhere else and needs to be specially keyed in it's so long and convoluted.
Do the same thing with the email pass.
Browse the net with lots of safety stuff like Adblock and Noscript, or use another browser altogether when I'm never logged into my forum.
Acorn said:
Well, I'm pretty sure we were cracked and not hacked, I can never keep my vocabulary straight. I know one thing I'm going to have done is add a few anti-spam mods, I will hide my email from members, I don't like Gmail, so I'm not going back to that. I'm not particularly fond of that one. I could use another browser like Firefox as well.
Jabberwocky
Addicted
Ashley, send me a pm about what you want done with your package at FreePro.
Affiliates
