In the interest of speeding up the investigations needed for filed security reports, we ask once again that you provide us with some basic information. In the past, we have on more than one occasion received a report that contained simply "my website got hacked, contact me for the script" or similar. While this is a start, it is not enough to open an investigation. Some basic things to note in your report when you file:
- If you think you know how an intruder was able to get in to your phpBB, tell us. Don't make us have to ask you, that just slows things down, and creates problems for everybody. We want this to be as smooth and as quick as possible.
- Note the version of phpBB you are using. Yes, the tracker asks you when you file, but it doesn't hurt to note it again in the body of the report.
- If you have any MODs, say so. We won't bite your head off.
- We would like only reports for the latest version of phpBB. If you find something in an older version, test it first in the latest version, and see if it works. If it does, tell us.
- Give us step-by-step instructions on how to recreate the problem. Again, don't make us guess or ask you, this just slows things down and causes problems for the both of us. That's not what we want, and that's not what you want.
- Unfortunately, we can't respond to reports about "my site was hacked using x old version." The Security Tracker is for new reports only. If you were attacked using an older version, post in the support forum, and a Support Team Member will help you out in getting back up and running.
http://www.ciac.org/ciac/CIAC_incident_ ... cs.html#12
https://s.microsoft.com/technet/securit ... ertus.aspx
The phpBB Team