Blog Documentation Book a Demo
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Forum hacked?

2»

Comments

  • DinoboffDinoboff
    edited November 2007
    The problem is related to some misuse of conf/settings.php or some bugs in their installation process. WHich extensions are you using? And are they up to date? A simple protection is to set the permissions on the settings.php (and database.php) to 400, 440 or 444 (depending of our server config).
  • KrakKrak New
    Hmmm I'd hate for it to be the HiddenText addon (or other addon), some people have had issues with it wiping out database/settings.php. Although that particular addon was wiping database.php, befire I made changes, then it hit settings, now it should be all ok (this was recently, like this week).
  • RabbitAboutRabbitAbout
    Thanks Dino,

    I have uploaded a file into the root directory of Vanilla with only: echo dirname(__FILE__);
    Do I need to run something to find out the Application Path ?
    Sorry for the questions.

    Krak, I am not using the HiddenText addon, so the problem didn't arise from that.

    Thanks
  • DinoboffDinoboff
    edited November 2007
    eg /somewhere/on/the/server/forum/test.php :
    <?php echo dirname(__FILE__); ?>
    Then go to http://your.domain.com/test.php, it will display the path to the forum folder.
  • RabbitAboutRabbitAbout
    Thanks Dino,

    I have uploaded and gone the that URL.
    A line appears with echo dirname(__FILE__);
    but nothing else.
    Am I doing something wrong?
    Thanks
  • DinoboffDinoboff
    edited November 2007
    The file should have a .php extension. "echo dirname(__FILE__);" should be between "<?php ... ?>"
  • RabbitAboutRabbitAbout
    Thanks Dino, All working again now. You are a star !!!
This discussion has been closed.