(Msg. 1) Posted: Thu Feb 07, 2008 5:22 am
Post subject: Hacked again, tired of b2evolution
Archived from groups: alt>www>webmaster

(Msg. 2) Posted: Thu Feb 07, 2008 7:25 am
Post subject: Re: Hacked again, tired of b2evolution
Heidi wrote:
> any better blog scripts out there that don't get hacked by spammers?
>
> Heidi
>
>
>
Hi, Heidi,
I use Drupal for my sites. A bit more complicated to install and
configure, but more versatile, with lots of features beyond just blogs.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex.TakeThisOut@attglobal.net
==================

(Msg. 3) Posted: Thu Feb 07, 2008 9:04 am
Post subject: Re: Hacked again, tired of b2evolution

(Msg. 4) Posted: Thu Feb 07, 2008 9:05 am
Post subject: Re: Hacked again, tired of b2evolution
Els wrote:
: Heidi wrote:
:
:: any better blog scripts out there that don't get hacked by spammers?
:
: Do you mean spammers getting past your captcha and posting spam
: comments, or really your blog itself being hacked?
No my hosting account/domain was hacked because of the blog script according
to the host.
Some spamming files were placed in a /tmp folder that was above my account
and used to send spam out.
The host says the problem is a security hole in the b2evolution script.
It happened already on one domain which I am trying to fix without
success... Now another has gone down for the same reason
and my host suspended it ... wish they had told me though.
The bloom is coming off the rose fast...
Heidi

(Msg. 5) Posted: Thu Feb 07, 2008 9:05 am
Post subject: Re: Hacked again, tired of b2evolution
On Feb 8, 12:05 am, "Heidi" <blackc... RemoveThis @gmail.com> wrote:
> Els wrote:
> : Heidi wrote:
>
> :
> :: any better blog scripts out there that don't get hacked by spammers?
> :
> : Do you mean spammers getting past your captcha and posting spam
> : comments, or really your blog itself being hacked?
>
> No my hosting account/domain was hacked because of the blog script according
> to the host.
> Some spamming files were placed in a /tmp folder that was above my account
> and used to send spam out.
> The host says the problem is a security hole in the b2evolution script.
>
> It happened already on one domain which I am trying to fix without
> success... Now another has gone down for the same reason
> and my host suspended it ... wish they had told me though.
>
> The bloom is coming off the rose fast...
>
> Heidi
Heidi.
Might I suggest that you move hosts *or better yet install Wordpress
and use that to blog with.
--
Regards Chad. http://freewebdesignonline.org

(Msg. 6) Posted: Thu Feb 07, 2008 11:20 am
Post subject: Re: Hacked again, tired of b2evolution
Jerry Stuckle wrote:
: Hi, Heidi,
:
: I use Drupal for my sites. A bit more complicated to install and
: configure, but more versatile, with lots of features beyond just
: blogs.
Thanks Jerry. I am checking out Drupal right now. I am finding though I am not
sure I can customize it as much as I like.
I had my b2evo installs completely customized. *sigh* that is probably the
one thing that makes this the worst.
The second thing is all the posts and stuff. I don't know how to convert
them to another blog script. =(
I will likely check some of the other blog scripts mentioned since I have
about four sites that use b2evo at the moment. But first is get this one
site back online... then I will worry about the others.
Heidi

(Msg. 7) Posted: Thu Feb 07, 2008 12:07 pm
Post subject: Re: Hacked again, tired of b2evolution
Heidi wrote:
> Els wrote:
>: Heidi wrote:
>:
>:: any better blog scripts out there that don't get hacked by spammers?
>:
>: Do you mean spammers getting past your captcha and posting spam
>: comments, or really your blog itself being hacked?
>
> Some spamming files were placed in a /tmp folder that was above my account
> and used to send spam out.
> The host says the problem is a security hole in the b2evolution script.
I have no idea about b2evolution really, but personally I never
completely trust a host that blames one of my scripts. Of course
that's just my personal 'paranoia', but a host wouldn't like to admit
a security hole in their own system I think, which makes it all the
more attractive to blame an easy target like a commonly used script.
Note: not saying your host wasn't right about what happened in your
case - I really have no idea.
> It happened already on one domain which I am trying to fix without
> success... Now another has gone down for the same reason
> and my host suspended it ... wish they had told me though.
For blogging I use Nucleus ( http://nucleuscms.org ), but you need to
keep that one updated too of course. It's very easy to update though,
even if you have changed a lot in the skins and templates.
--
Els http://locusmeus.com/

(Msg. 8) Posted: Thu Feb 07, 2008 12:56 pm
Post subject: Re: Hacked again, tired of b2evolution
Heidi wrote:
> Jerry Stuckle wrote:
>
> : Hi, Heidi,
> :
> : I use Drupal for my sites. A bit more complicated to install and
> : configure, but more versatile, with lots of features beyond just
> : blogs.
>
> Thanks Jerry. I am checking out Drupal right now. I am finding though I am not
> sure I can customize it as much as I like.
> I had my b2evo installs completely customized. *sigh* that is probably the
> one thing that makes this the worst.
>
> The second thing is all the posts and stuff. I don't know how to convert
> them to another blog script. =(
>
> I will likely check some of the other blog scripts mentioned since I have
> about four sites that use b2evo at the moment. But first is get this one
> site back online... then I will worry about the others.
>
> Heidi
>
>
>
I do understand. Drupal is highly customizable - look at some of the
templates people have created. But it is NOT for the faint of heart!
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex DeleteThis @attglobal.net
==================

(Msg. 9) Posted: Thu Feb 07, 2008 1:47 pm
Post subject: Re: Hacked again, tired of b2evolution
Jerry Stuckle wrote:
: I do understand. Drupal is highly customizable - look at some of the
: templates people have created. But it is NOT for the faint of heart!
Hah you are telling me. I already removed it :p I just don't have time to
mess with it now.
I will try it again in a subfolder when I do though. =) It looked great.
I decided on Mini-Bloggie or MyBloggie-Lite. I found it on hotscripts and it
had a five pepper guest rating...
Best part is it has no visitor logs like b2evo did so hopefully the link
spammers will quit spamming me
It is simple and is going up fast which is just what I wanted.
Thanks Jerry =)
Heidi

(Msg. 10) Posted: Thu Feb 07, 2008 3:27 pm
Post subject: Re: Hacked again, tired of b2evolution
"Els" <els.aNOSPAM.RemoveThis@tiscali.nl> wrote in message
news:2mho0hmzmid7.12xpe00snfj5t.dlg@40tude.net...
> Tina Peters wrote:
>> "Els" <els.aNOSPAM.RemoveThis@tiscali.nl> wrote in message
>> news:al0fvmscwen3.9jnfcm2xvtn1.dlg@40tude.net...
> Yup, but it does happen that users' accounts are compromised by the
> bad scripts on *other* users' accounts, which I think is the host's
> responsibility? Then again, I'm not a host, nor do I know anything
> about security on a shared server.
Not unless the other accounts have some sort of insecure script or issue as
well.
--
Tina Peters
AxisHOST.com | BuyAVPS.com
Serving the web since 1997

(Msg. 11) Posted: Thu Feb 07, 2008 6:05 pm
Post subject: Re: Hacked again, tired of b2evolution
Heidi wrote:
> Els wrote:
> : Heidi wrote:
> :
> Some spamming files were placed in a /tmp folder that was above my account
> and used to send spam out.
A truly secure host would not allow a user to write to any directory "above
their account."
--
Dave

(Msg. 12) Posted: Thu Feb 07, 2008 6:05 pm
Post subject: Re: Hacked again, tired of b2evolution
Dave wrote:
> Heidi wrote:
>> Els wrote:
>> : Heidi wrote:
>> :
>> Some spamming files were placed in a /tmp folder that was above my account
>> and used to send spam out.
>
> A truly secure host would not allow a user to write to any directory "above
> their account."
>
Untrue. It is the best place to put files you don't want directly
accessible from the web.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex DeleteThis @attglobal.net
==================

(Msg. 13) Posted: Thu Feb 07, 2008 6:05 pm
Post subject: Re: Hacked again, tired of b2evolution
Dave wrote:
: A truly secure host would not allow a user to write to any directory
: "above their account."
Well I didn't but the spammer hacker did. All I was told by the host was
that I would not be able to reach that tmp folder from inside my ftp or
cpanel file manager.
How they figured the exploit was from my account/domain is a mystery. I am
guessing logs but I don't know for sure.
Heidi

(Msg. 14) Posted: Thu Feb 07, 2008 8:49 pm
Post subject: Re: Hacked again, tired of b2evolution
Heidi wrote:
> Dave wrote:
> : A truly secure host would not allow a user to write to any directory
> : "above their account."
>
> Well I didn't but the spammer hacker did. All I was told by the host was
> that I
> would not be able to reach that tmp folder from inside my ftp or cpanel file
> manager.
>
> How they figured the exploit was from my account/domain is a mystery. I am
> guess logs but
> I don't know for sure.
>
> Heidi
>
>
>
>
>
In that case I wonder how your host figured out it was your site.
Sounds to me more and more like he's looking for someone to blame,
rather than finding the hole in their setup.
Or maybe there is a way to upload files and put them in that directory.
But how would he know it came from your site?
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex.TakeThisOut@attglobal.net
==================

(Msg. 15) Posted: Thu Feb 07, 2008 9:04 pm
Post subject: Re: Hacked again, tired of b2evolution
Jerry Stuckle wrote:
> Dave wrote:
>> Heidi wrote:
>>> Els wrote:
>>> : Heidi wrote:
>>> :
>>> Some spamming files were placed in a /tmp folder that was above my
>>> account
>>> and used to send spam out.
>>
>> A truly secure host would not allow a user to write to any directory
>> "above
>> their account."
>>
>
> Untrue. It is the best place to put files you don't want directly
> accessible from the web.
>
I would describe that as being "above the web root." The OP described a
situation where files were placed above her account's home directory.
For example, if the server directories are:
/
/home/username
/home/username/www <-- web root for username
/var
/etc
/tmp
a user shouldn't be able to write data above /home/username.
I would even say that /tmp should be mounted 'noexec'; that way if somebody
does manage to write something there, they can't run any commands/scripts
from there.
--
Dave
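
The 'noexec' suggestion in the last post can be verified from the mount table. The shell functions below are an added example, not part of the archived thread: `mount_opts_for`, `missing_opts` and both sample tables are constructed for illustration, and the input is assumed to be in /proc/mounts format.

```shell
#!/bin/sh
# Added example: report which hardening options are missing on the
# filesystem that holds a given path (e.g. /tmp on a shared host).
# Input format (as in /proc/mounts): device mountpoint fstype options dump pass

# Constructed sample: /tmp is its own filesystem but mounted with defaults.
SAMPLE_WEAK='/dev/sda1 / ext3 rw,relatime 0 0
/dev/sda3 /home ext3 rw,nosuid,nodev 0 0
/dev/sda2 /tmp ext3 rw,relatime 0 0'

# Constructed sample: the same host after something like
#   mount -o remount,noexec,nosuid,nodev /tmp
SAMPLE_HARD='/dev/sda1 / ext3 rw,relatime 0 0
/dev/sda3 /home ext3 rw,nosuid,nodev 0 0
/dev/sda2 /tmp ext3 rw,nosuid,nodev,noexec,relatime 0 0'

# mount_opts_for PATH: read a mount table on stdin and print the options of
# the filesystem that holds PATH. The longest matching mount point wins, so
# a host without a separate /tmp falls back to the options of "/"; a later
# entry for the same mount point (an overmount) replaces an earlier one.
mount_opts_for() {
    awk -v p="$1" '
        BEGIN { best = 0 }
        {
            mp = $2
            hit = (mp == "/" || p == mp || index(p, mp "/") == 1)
            if (hit && length(mp) >= best) { best = length(mp); opts = $4 }
        }
        END { print opts }'
}

# missing_opts PATH: print the hardening options (noexec nosuid nodev) that
# are absent from PATH's mount, space separated; empty output means all set.
missing_opts() {
    opts=$(mount_opts_for "$1")
    out=""
    for want in noexec nosuid nodev; do
        case ",$opts," in
            *",$want,"*) ;;                   # option present
            *) out="${out:+$out }$want" ;;    # option missing
        esac
    done
    printf '%s\n' "$out"
}

# On a live Linux system: missing_opts /tmp < /proc/mounts
```

noexec only stops files on that mount from being executed directly; a script stored there can still be read by an interpreter that is given its path, so the option complements per-account write restrictions rather than replacing them.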