PHPBB Hacked - and can't restore DB

apps

#1

Ok, first off make fun of me because I had PHPBB Version 2.0.11 and it was hacked on one of my domains (baseballboards.net)… Someone got frustrated with upgrading and look what happened…

So now I have completely replaced my installation of PHPBB to version 2.0.13 and have the site up – BUT the DB is screwed up. I say it’s scrwed up because I had backed the site up on Monday (conviently enough) and tried restoring the DB several times…

The forum list is up but I cannot gain access to the Admin control panel any more because there was an error in teh import. I’ve been trying various means to restore my DB (saved as an .SQL and Zip file from the PHPBB administrative control panel on monday) and the only one that NEARLY worked was corrupted (sus no access to Administrative control panel any more).

I’d try through Telnet to restore my DB but I’m not exactly sure what to do. When I have tried the commands in teh knowledge base (mysql -hHOSTNAME -uUSERNAME -pPASSWORD DATABASE<TEXT FILE ) nothing has happened besides getting a blank line from telnet.

HELP! :frowning:


#2

never mind guys, the Telent restore worked after all… Just took a lot of tiem because my DB is 13 megs…


#3

A note about phpBB security… We have blocked the majority (all?) of the current phpBB exploits with our ‘Extra Web Security’ option. It has now been enabled system-wide but the new configurations have not yet made it to all the servers. Upgrading phpBB is still highly advised, of course!

  • Dallas
  • DreamHost Honcho

#4

Is there a way to enable the ‘Extra Web Security’ option? How do you tell if it’s available or not?

Thanks.


#5

You can enable it by going to Domains/Web/(the domain you want to activate it on) in your Control Panel, but DH should be making it active on all accounts within the week.


MacManX.com
I don’t work here. I’m just your typical support forum volunteer.


#6

Want to stop veritually all attacks on phpBB?
Running PHP in Apache mode (NOT CGI mode)?

Add this to your .htaccess file: php_flag register_globals off

Note, it may break some script (noteably very poorly written PHP scripts), but it won’t break phpBB nor any correctly writen PHP script

(PHP developers have been told since before the release of PHP4 – 5 years ago – NOT to use register_globals).