vBulletin Sites – Warning against hacks

chris .

In September, vBulletin posted a warning about a potential exploit in vBulletin 4/5 with the /install folder.

Since then we have seen a number of vB sites hacked.
First and foremost we’d recommend that you remove your /install (v4) or /core/install (v5) folders using FTP if you haven’t done so already. If you are on an earlier version we’d also recommend deleting your install folder too.

Second – make sure you have backups of your site files and database at all times. This can either be done manually via FTP and phpmyadmin, or using our Onsite Backups (£7.50+VAT for Entry Level Packages, £15+VAT for Premium Cloud, Dedi priced on request).

Third – make sure you always have the latest version of vBulletin installed – as a vB client, you should get an email alert when a new version is available.

If your site does get hacked, vBulletin has a useful guide for fixing your site:

http://www.vbulletin.com/forum/blogs/zachery/3993888-fixing-your-site-after-you-have-been-hacked.

And a more detailed guide which requires some knowledge of using root/SSH access:

http://vbtechsupport.com/2355/

×