I need help to protect my site

[the w]

Hi, guys.

I have a big problem i can`t protect my site.
Forum system is invision power board 3.1.4.
I tried to protect Administration Control Panel etc, but the result was the same.
If you can give some advice.

Thanks in advance...

[mShred]

We need a lot more information. What attacks is the attacker using? Webserver? Web services? What is the ending result of attacks? We can't help you without more info.

[the w]

So my site wasn`t hacked. He was be download. Now I worry that there will second attack, which can crash the entire system. I expect many more attacks, because to us every second site was hacked, we have something like the internet mafia . I use shared hosting, does vps, because i don`t have money to pay vps.

Sorry I can not explain properly, but do not speak English very well, because I am from Bulgaria.

[mShred]

He was be download

I'm not so sure i understand.. Try to explain everything that happened and what makes you believe that you're system is being compromised.

[the w]

The man who took my sql know him and he said i can easy be hacked.
I put the htaccess in admin panel. I changed the name and I have activated all Security Tools by admin panel.
Also, use different passwords generated and I did a master password of mozilla firefox
What more i can do ?

[mShred]

The man who took my sql know him and he said i can easy be hacked.
I put the htaccess in admin panel. I changed the name and I have activated all Security Tools by admin panel.
Also, use different passwords generated and I did a master password of mozilla firefox
What more i can do ?

I'm not sure what i can take out of that.. If you have an SQL Injection vulnerability, then you need to properly sanitize your queries. It probably wouldn't be a bad idea to hire some pen-testers, that way you can have some of the good guys find vulnerabilities and tell you what you need to do.

[Phantom Wolf]

It probably wouldn't be a bad idea to hire some pen-testers, that way you can have some of the good guys find vulnerabilities and tell you what you need to do.

If you give us the link to your site, and prove you own it (by putting a comment in the source somewhere), several users here will test your site's security. However, if your site's in Bulgarian, then we might not do so good a job. If you're really worried about your security, you should hire professionals

[the w]

the forum is http://web-protect.info/ . The Language of forum is English. I will write your nick in the chat room to prove that the forum is mine. To see the chat you must register.

[Phantom Wolf]

I haven't found anything so far, I'll look some more later if I have the time

EDIT: Forgot to mention, whoever it is telling you you can be hacked might be referring to an exploit for an old version of IPBoard that's been fixed

[tremor77]

IPB is a pretty secure environment overall if you have the latest versions AND you are using a LEGALLY obtained, registered copy of the software.

That being said, make sure you have everything up to date and that any customization you've done outside of the original code, along with 3rd party plugins, are properly secure.

If you are running on a shared web hosting account however, you are at the mercy of the flaws of the providers security.

I'm not sure if it's possible with IPB but, consider changing the configuration and location of your Administrative login. I tried to visit your site to see if I could examine it but it was not available... hopefully it is not too late.