Instructions for Fixing Hacked phpBB Forums?

I was wondering if anyone has had to repair their phpBB forums after a hack attack. I made the mistake of not updating my forums to the latest update, and the other day a robot totally messed up my message board. DreamHost came though with all of the backed up database files that had luckily been backed up earlier that same day, so I’ve got these in my database now, ready to restore. The biggest damage done was the removal of about six of my discussion forums, and some of the usernames and other forum titles/descriptions had been changed. That was about it. I was able to disable the board before further damage could be done.

I just need a little help in figuring out how to have these backed up database tables replace the ones that were included in the attack for the restoratin of my forums, because when I go into my forums right now it is still accessing the previous tables. How does one go about hooking the backed up tables to the forums so they use those and not the damaged ones?

Once that is done I will then begin immediately on updating to the latest version of phpBB.

Is this information available here on the DreamHost site anywhere? If so, please post a link. Or if you know anything about restoring a hacked phpBB forum after an attack (and using DreamHost backed-up tables to do so), then please post that, too.


You should be able to change the information in the config.php file to point to your old database.

You might also want to get on phpbb’s updated file’s mailing list. That way you will always be up-to-date.

A friend of mine who has the latest update of phpBB forums (2.0.13) just got hacked AGAIN (he was previously using 2.0.11 when he got hacked a couple of days ago) and the hacker had logged himself in as admin. Seems it’s a real person doing the hacking (not a robot) and he was pretty pissed that my friend had removed all of his pictures and word censors. It’s crazy… but it seems that phpBB is just too vulnerable. As soon as they post an update the hackers just come back with a new script to get in.

Has anyone ever tried ???

That is true, I was just on the phpbb board and read that some hackers get admin rights, didn’t hack up the board, and just waited for the 2.0.13 update, then hacked it. That is why it is a good idea to keep up to date on your board, and to check who has what rights after an update.

Which is what I am about to go do…double check that I am still the only admin on my board.

Of course, you get what you pay for and phpbb is free open source. I hope they get it all figured out. I know they are working on 2.0.14, and can’t wait for Olympus to come out.


You could always try a different forum system.
mybb is an upcoming one. I make mods for it, and so far no big problems reported. Might want to wait for mybb gold though. Someone made a phpbb converter too.

If they hacked the forum using the SQL inject exploit then the patch doesn’t fix it.

The patch fixes the hole so an attacker can not enter a string in the URL that will create a hidden user.

If you were hit with the SQL inject attack then you have to do in the database and manually delete the user that was created.

Most if not all of the data is stored in the mysql database. If you have the basic install, just download the lastest version and replace it with the one on your site. If you have mods then they need to be taken care of next.
Depending on how you downloaded your backup, if it was done in the administrator panel, then you should beable to upload your old database to replace the old one. Another option is to use myadmin and that is already on the server, you can get to that through your deamhost panel.
If your installing a new version of the software, you may have the option of replacing the old database with an empty one.
I recommend posting a message on phpbb forum to make sure I did not leave anything out. They also have howto’s on backing up and restoring the database using both options I mentioned.