Instructions for Fixing Hacked phpBB Forums?

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Anti-Spam Guide
Post Reply
mariaevinne
Registered User
Posts: 1
Joined: Thu Aug 24, 2017 10:22 am

Instructions for Fixing Hacked phpBB Forums?

Post by mariaevinne » Thu Aug 24, 2017 10:33 am

I was wondering if anyone has had to repair their phpBB forums after a hack attack. I made the mistake of not updating my forums to the latest update, and the other day a robot totally messed up my message board. DreamHost came though with all of the backed up database files that had luckily been backed up earlier that same day, so I've got these in my database now, ready to restore. The biggest damage done was the removal of about six of my discussion forums, and some of the usernames and other forum titles/descriptions had been changed. That was about it. I was able to disable the board before further damage could be done.

I just need a little help in figuring out how to have these backed up database tables replace the ones that were included in the attack for the restoratin of my forums, because when I go into my forums right now it is still accessing the previous tables. How does one go about hooking the backed up tables to the forums so they use those and not the damaged ones?

Once that is done I will then begin immediately on updating to the latest version of phpBB.

Is this information available here on the DreamHost site anywhere? If so, please post a link. Or if you know anything about restoring a hacked phpBB forum after an attack (and using DreamHost backed-up tables to do so), then please post that, too.

Thanks,

User avatar
Mick
Support Team Member
Support Team Member
Posts: 17691
Joined: Fri Aug 29, 2008 9:49 am

Re: Instructions for Fixing Hacked phpBB Forums?

Post by Mick » Fri Aug 25, 2017 10:15 am

If your board has been hacked, please do the following before making any modifications to your board (this includes changing passwords, editing files, running the Support Toolkit, etc.):
  1. Save an archive file comprising copies of all the files (this can be done by creating a zip or tarball of the files).
  2. Save a copy of the database.
  3. Save the server access logs for the time of the hack (they may be available in the “logs” directory on the server, in your host’s control panel or only by request directly from your host).
  4. File a report in the incident tracker. Attach the items from steps 1-3 when you file the report or upload them to a secure location for the incident investigation team to download. Please do not start a new topic on the board, the proper place for incidents reports is the tracker.
"The more connected we get the more alone we become" - Kyle Broflovski

Forza Garibaldi

Post Reply

Return to “phpBB Discussion”

Who is online

Users browsing this forum: Tbot [Bot] and 24 guests