Help needed from website owners

[j_jindal1]

Hi All,

I need help from the guys who are either running their websites or have an idea on web security.

I was running a forum for last 3-4 years using latest versions of SMF. On 9th Jan someone hacked the forum and placed scripts for bank account phishing. I received mails from the bank regarding these phishing activities and instantly I removed all those scripts. But just for safety I have suspended my account for the time being..

What should have I done to avoid this hacking. Please guide me so that I can make sure my site is safe on net.

Thanks

@Mods: If this is not the right section, please move the thread to appropriate section. I just thought it will gain more attention here..

 

[varkey]

If you had the forum for 3-4 years, then it probably was a very old version of the forum script with known security holes. Always keep the scripts updated to the latest version to avoid any hacking attempts such as this.

Edit : Didn't see that you were using latest versions :ashamed: Then probably consider a better forum script. It may also depend on the host as well, since its shared hosting and if the server is poorly configured, a bad script running on another customers account may also allow a hacker to gain acces and damage your files as well.

 

[Gaurish]

I would give you two simple suggestions

1) Migrate to Purchase vBulletin, the most powerful forum software available.. Its the same forum script that TE runs on,its lot safer

2) Use a good host which manages security well.

 

[j_jindal1]

Thanks for the suggestions....

The host is a trusted one, in business for past 7 years and he is more concerned about security.

I was looking for a free forum script and SMF in itself is very safe. It's also ranked good in some forums similarly as vBulletin. As per SMf team it wasn't a security hole issue in SMF.

I had installed a fresh version of SMF in nov2009 itself so there's no point of old script....