Title: Should I be worried?
Tamapal3000 - January 29, 2008 12:41 PM (GMT)
Hi everyone,
Should I be worried about this. I was searching my forum's name on Yahoo just for fun and I found this.
Should I be worried about that?
//Tamapal3000
Should I be worried about this. I was searching my forum's name on Yahoo just for fun and I found this.
Should I be worried about that?
//Tamapal3000
Clay - January 29, 2008 01:45 PM (GMT)
Is your board link: http://www.tamacraze101.cjb.net ?
If it is, then yes I would be worried. If it is not, then I wouldn't be too worried, I'd suggest talking to all of your moderators and admins about changing their passwords, or maknig sure that they are secure. Especially the groups that have ACP access.
Even if that isn't your forum link, I'd still take the precautions.
If it is, then yes I would be worried. If it is not, then I wouldn't be too worried, I'd suggest talking to all of your moderators and admins about changing their passwords, or maknig sure that they are secure. Especially the groups that have ACP access.
Even if that isn't your forum link, I'd still take the precautions.
Klea - January 29, 2008 02:55 PM (GMT)
If that's your forum, you definitely have a problem. You need to review all your security procedures, from who can view the board, how the registration process is done (I always use admin validation), and EVERYBODY needs to change their passwords -- admins and mods, especially!
Create an alternate account for yourself, so you can get in if somebody accesses the controls and deletes you. Make sure your second account is known only to you and that you give this account the proper accesses to the ACP.
It also wouldn't hurt to see if you can get a new address. They can't hack/crack you if they can't find you.
Create an alternate account for yourself, so you can get in if somebody accesses the controls and deletes you. Make sure your second account is known only to you and that you give this account the proper accesses to the ACP.
It also wouldn't hurt to see if you can get a new address. They can't hack/crack you if they can't find you.
HelenaZF - January 29, 2008 03:20 PM (GMT)
It's all about the passwords of you and your staff. Almost all board crackings are related to weak passwords that can be easily guessed, or a staff member who gives or is tricked into giving admin CP access. So alerting your staff is very important.
If you need help on how to make your passwords strong, see this documentation:
http://bigboardsresources.com/index.php?showtopic=406
If you need help on how to make your passwords strong, see this documentation:
http://bigboardsresources.com/index.php?showtopic=406
Tamapal3000 - January 29, 2008 03:54 PM (GMT)
The thing I am worried about is that someone can come into my ACP without even knowing my password. Can someone actually do that? Am I safe if I have a password that has over 20 characters mixed of everything? I am really worried.
//Tamapal3000
//Tamapal3000
natyrox - January 29, 2008 09:23 PM (GMT)
They can easily reach your admin panel, but they won't be able to change anything without your password.
An easy trick would be to change your domain to a really obscure one, and get a .co.nr domain for free from here.
An easy trick would be to change your domain to a really obscure one, and get a .co.nr domain for free from here.
wissaboo - January 29, 2008 10:16 PM (GMT)
| QUOTE (Klea @ Jan 29 2008, 08:55 AM) |
| If that's your forum, you definitely have a problem. You need to review all your security procedures, from who can view the board, how the registration process is done (I always use admin validation), and EVERYBODY needs to change their passwords -- admins and mods, especially! Create an alternate account for yourself, so you can get in if somebody accesses the controls and deletes you. Make sure your second account is known only to you and that you give this account the proper accesses to the ACP. It also wouldn't hurt to see if you can get a new address. They can't hack/crack you if they can't find you. |
how do you give an account access to the admin panel without it showing up under moderating team?
Mwr247 - January 30, 2008 01:08 AM (GMT)
He means the login page of it, they can't actually get in it though.
And thats weird... I was sure I replied to this right before i left for school before anyone else =\ Maybe I'm going crazy :haha:
And thats weird... I was sure I replied to this right before i left for school before anyone else =\ Maybe I'm going crazy :haha:
Cory - January 30, 2008 08:05 AM (GMT)
You should still take precaution, but just to let you know, I don't believe that topic exists anymore.
.Deluxe - January 30, 2008 05:43 PM (GMT)
Make sure your other admins change their passwords too, although other admins don't have permissions to delete the board, they certainly have permissions to change settings, and delete parts of your board.
If you can't get hold of your admins quick enough, demote them, and send them a PM entitled with something like "Temporary Demotion". :P
If you can't get hold of your admins quick enough, demote them, and send them a PM entitled with something like "Temporary Demotion". :P