Recently we have had some accounts of users who haven't logged in for a while, who have been hacked: it seems that someone got hold of the credentials to spam. They are 5 or 6 accounts that we currently had to ban in order not to let the spam proliferate, but instead I would like to know if it would be possible to force these 5 or 6 users to update their passwords, so that if they ever do log in again someday they could do so, instead of finding themselves banned without knowing why. How can this be done in such cases? Thank you
Change their passwords via ACP and change their user options to "force re-activation".
My 2 cents: Whether an extension is in the CDB says nothing about its quality. It is more important to read the support topics for it. Better to avoid authors who do not answer support questions themselves, who do not update their stuff, and who do not fix bugs for years.
Harrison76 wrote: ↑Sun Jan 22, 2023 5:47 pm
Recently we have had some accounts of users who haven't logged in for a while, who have been hacked: it seems that someone got hold of the credentials to spam. They are 5 or 6 accounts that we currently had to ban in order not to let the spam proliferate, but instead I would like to know if it would be possible to force these 5 or 6 users to update their passwords, so that if they ever do log in again someday they could do so, instead of finding themselves banned without knowing why. How can this be done in such cases? Thank you
AFAIK there is no force password change feature.
But you can change the member's password so that he will need to request a new password (by mail).
Spelling is freeware, which means you can use it for free.
On the other hand, it is not open source, which means you cannot change it or publish it in a modified form.
Time flies like an arrow, but fruit flies like a banana.
If an account has been hacked, how do you know that the person who has assumed control of the account hasn't changed the email address or taken control of the email account?
Any action you might take still has the potential to end up in the hands of the hacker, so nothing would change.
The only solution I can see is to ban the account with a message that there is a problem with the account and they need to contact the board admin. If they do contact you, you will need to figure out a means to validate their identity.
Normal people… believe that if it ain’t broke, don’t fix it. Engineers believe that if it ain’t broke, it doesn’t have enough features yet. – Scott Adams
P_I wrote: ↑Sun Jan 22, 2023 6:43 pm
...
The only solution I can see is to ban the account with a message that there is a problem with the account and they need to contact the board admin. If they do contact you, you will need to figure out a means to validate their identity.
Yeah I thought about that also, but the identity validation part is the real hurdle.
I don't think spammers/hackers will bother with validation; it will be a waste of time for them. They will just remove that username/password from their script and forget about it.
Did I help you? Consider a donation.
New version of phpBB has been released? My styles aren't validated for it yet? Check my page for the latest downloads!
Those are spammers not hackers, not the same thing. You could just change the password to something totally obscure and leave it alone. The spammer won’t be able to get back in (unless he’s got control of the email address but that’s unlikely) and if the real owner turns up he can request a password reset.
P_I wrote: ↑Sun Jan 22, 2023 6:43 pm
how do you know that the person who has assumed control of the account hasn't changed the email address
"The good news is hell is just the product of a morbid human imagination.
The bad news is, whatever humans can imagine, they can usually create." - Harmony Cobel
How can I check "User notes"? I have one account that has clearly been hacked. I disabled the account (and deleted the hacked post), sent an email to the user, but it bounced. When checking the user account via ACP, the email looks fake. Is there a way I can see if the user (or hacker) has changed the email and thus email to a previously made email?
bikeridr wrote: ↑Tue Jan 24, 2023 1:15 pm
How can I check "User notes"?
ACP > Maintenance > User logs
Can I ask, is the spam you're getting "best crypto pumps"?
I'm getting 10 or so accounts from varying accounts between 3 and 10+ years old, some that have contributed to the forum at some point, some that have not. All legitimate email addresses still. I get a feeling they have A. Had their password compromised somewhere or there is a security bug in phpBB.
It's not just phpBB boards. It's also been seen on WordPress and vBulletin among others. They all seem to be very old accounts, so likely they use the same username/password across multiple sites and somewhere there has been a compromise that has allowed access to those accounts still residing on phpBB boards.
-:|:- Support Request Template -:|:- "Step up to red alert. Sir, are you absolutely sure? It does mean changing the bulb"
"The good news is hell is just the product of a morbid human imagination.
The bad news is, whatever humans can imagine, they can usually create." - Harmony Cobel
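The two options weighed in this thread (set an obscure password when the email is untouched, keep the ban and verify by hand when the email may have been changed), combined with the "long-dormant account suddenly posting" pattern described above, as an added example that is not part of any post and is not phpBB code. The record layout, field names and thresholds are assumptions; the dates would come from the user list and the user logs.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

DORMANT = timedelta(days=365)   # assumed cut-off for "hasn't logged in for a while"
BURST = timedelta(hours=24)     # assumed window: posting this soon after returning

@dataclass
class Account:                  # hypothetical export format, not phpBB's schema
    username: str
    previous_visit: datetime              # last visit before the recent login
    recent_login: datetime
    first_post_after: Optional[datetime]  # first post after recent_login
    email_changed_at: Optional[datetime]  # from the user log, if any

def is_suspect(a: Account) -> bool:
    """Long-dormant account that came back and posted almost immediately."""
    if a.recent_login - a.previous_visit < DORMANT or a.first_post_after is None:
        return False
    return a.first_post_after - a.recent_login <= BURST

def triage(a: Account):
    """Return (action, new_password) for one account."""
    if not is_suspect(a):
        return ("none", None)
    # Email changed since the owner's last known visit: a mailed reset may
    # reach the intruder, so keep the ban and verify identity by hand.
    if a.email_changed_at and a.email_changed_at > a.previous_visit:
        return ("ban_and_contact_admin", None)
    # Email untouched: set an unguessable password nobody keeps; the real
    # owner gets back in through the emailed password reset.
    return ("randomize_password", secrets.token_urlsafe(32))

D = datetime
ACCOUNTS = [  # constructed sample records
    Account("old_member", D(2015, 6, 1), D(2023, 1, 20, 10, 0), D(2023, 1, 20, 10, 5), None),
    Account("mail_swapped", D(2016, 3, 9), D(2023, 1, 21, 9, 0), D(2023, 1, 21, 9, 10), D(2023, 1, 21, 9, 2)),
    Account("regular", D(2023, 1, 15), D(2023, 1, 21, 8, 0), D(2023, 1, 21, 8, 30), None),
]

def run():
    return {a.username: triage(a)[0] for a in ACCOUNTS}

if __name__ == "__main__":
    print(run())
```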