Security help-info on phpnuke sites

  Post new topicReply to topicPrintable Version
<< View previous topic View next topic >>
Share: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
#1   Security help-info on phpnuke sites
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   
I recieved an email from someone who hacked into codnation.com You go their site and it is splattered all over their first page. I run PHPNuke 7.9 what do I need to as far security to secure my site?

What are the best security measures?



Back to top Reply with quote
#2   re: Security help-info on phpnuke sites
echo
CZ Wiz
 Codezwiz Site Donator
Gender: Male
Status: Offline
Joined: Oct 04, 2003
0.15 posts per day
Posts: 1147
Points: 93
   
Nuke 7.7 through 7.9 are not very secure, and they are no longer being patched with security fixes. 7.6 was the last real secure Nuke and is still being patched (latest patch version 3.2) You should also be running something like NukeSentinel™ as an addon security measure. You can get the latest version [ Register or login to view links on this board.] .



Back to top Reply with quote
#3   Re: re: Security help-info on phpnuke sites
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   


Originally posted by echo @ Fri Apr 28, 2006 1:18 am:

Nuke 7.7 through 7.9 are not very secure, and they are no longer being patched with security fixes. 7.6 was the last real secure Nuke and is still being patched (latest patch version 3.2) You should also be running something like NukeSentinel™ as an addon security measure. You can get the latest version [ Register or login to view links on this board.] .


Thank you so much for your help but which one would I use?



Back to top Reply with quote
#4   re: Security help-info on phpnuke sites
echo
CZ Wiz
 Codezwiz Site Donator
Gender: Male
Status: Offline
Joined: Oct 04, 2003
0.15 posts per day
Posts: 1147
Points: 93
   
I believe it's this one: [ Register or login to view links on this board. ]
Just remember to backup all original files involved before editing/overwriting.



Back to top Reply with quote
#5   Re: re: Security help-info on phpnuke sites
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   


Originally posted by echo @ Fri Apr 28, 2006 5:32 am:

I believe it's this one: [ Register or login to view links on this board. ]


thanks but now its says it is an invalid file. It shows up as a .tar.tar icon_question.gif



Back to top Reply with quote
#6   re: Security help-info on phpnuke sites
echo
CZ Wiz
 Codezwiz Site Donator
Gender: Male
Status: Offline
Joined: Oct 04, 2003
0.15 posts per day
Posts: 1147
Points: 93
   
I will add it here in zip form, please tell me when you have it so I can remove it.



Back to top Reply with quote
#7   Re: re: Security help-info on phpnuke sites
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   


Originally posted by echo @ Fri Apr 28, 2006 5:48 am:

I will add it here in zip form, please tell me when you have it so I can remove it.


Thank you very much. Do I upload these into the existing file such as: All admin files go into the admin folder already in my site or do I upload the folder so it is all by itself?



Back to top Reply with quote
#8   Re: re: Security help-info on phpnuke sites
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   


Originally posted by tyler811 @ Fri Apr 28, 2006 6:32 am:



Originally posted by echo @ Fri Apr 28, 2006 5:48 am:

I will add it here in zip form, please tell me when you have it so I can remove it.


Thank you very much. Do I upload these into the existing file such as: All admin files go into the admin folder already in my site or do I upload the folder so it is all by itself?


Ok I got everything in but now I get this

Operation Status!

--------------------------------------------------------------------------------
Everything seems to have completed succeesfully icon_smile.gif

--------------------------------------------------------------------------------
Operation Complete!
Goto NukeSentinel™ Admin


And then this:
It appears that NukeSentinel™ has not been configured correctly. The most common cause is that you either have an error in the syntax that is including includes/nukesentinel.php from your mainfile.php, or you have not added the NukeSentinel™ code to your mainfile.php. Details for including this code are included in the download package in the Edits_For_Core_Files directory.


What is wrong?



Back to top Reply with quote
#9   re: Security help-info on phpnuke sites
echo
CZ Wiz
 Codezwiz Site Donator
Gender: Male
Status: Offline
Joined: Oct 04, 2003
0.15 posts per day
Posts: 1147
Points: 93
   
Did you edit the mainfile as stated in the "Edits_For_Core_Files" folder?



Back to top Reply with quote
#10   
tyler811
CZ Newbie
tyler811 has been a member for over 18 year's 18 Year Member
Gender: Male
Status: Offline
Joined: Feb 11, 2006
0.00 posts per day
Posts: 28
Points: 126
   
the mainfile 7.9 has this and tons more:

This file is for instructional use. */
/* By: NukeScripts Network (webmaster@nukescripts.net) */
/* [ Register or login to view links on this board. ] */
/* Modifications Copyright © 2000-2006 by NukeScripts Network */
/************************************************************************/
/* Based on Patched 3.1 mainfile.php your mainfile.php may differ from */
/* the examples found here. */
/************************************************************************/

#
#-----[ OPEN ]------------------------------------------
#
mainfile.php

#
#-----[ FIND ]------------------------------------------
#
if (defined('FORUM_ADMIN')) {
@require_once("../../../config.php");
@require_once("../../../db/db.php");
@require_once("../../../includes/sql_layer.php");
if (file_exists("../../../includes/custom_files/custom_mainfile.php")) { @include_once("../../../includes/custom_files/custom_mainfile.php"); }
@require_once("../../../includes/ipban.php");
if (defined('NUKE_HEADER') &&

What am I supposed to do? And thank you so much for all your help. You have went above and beyond the call for help icon_biggrin.gif



Back to top Reply with quote
Display posts from previous:      
Add To: Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  
<< View previous topic View next topic >>
Post new topicReply to topic

Jump to 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum