PHPBB Hacked

Anyone using PHPBB? Anyone been hacked lately? Well we did, and here is the process for getting back to pre-spammer days.

Yes, yes I know… you’ve been hacked, now what do you do? First, what was hacked, is it the same ip address? Username? Regardless of the current state, it’s time to trim forum permissions in PHPBB. Login, cut all permissions, you can do so by going to ‘group forum permissions’ select each usergroup type (not including Admins)all and submit. Next screen you will be prompted to select a forum, we recommend selecting ‘all forums’ since we need to cut proverbial spammers loose. You can do that here. Once All forums have been selected, work your way through each forum, while selecting ‘all NO’. This will seemingly remove all permissions by user on each forum. Check and see if access has been revoke for all usergroup types. All errors aside, you should be to perform this change by usergroup by forum for all users. Check your progress, simply crack open another browser and try the login process. I do have different usergroup types saved for testing purposes only, if you don’t…. create a few test accounts. Fast-forward, assuming you’ve done this correctly, the BB’s will be closed down to all users(again, accept Admins). Time to purge posts, users, spammers, fake ‘pr0n’ links, Viagra and casino ads/links from the system. Another article in the future, but you will have to take sometime and dig into the posts, when posts were submitted and ‘all purge’. Here’s a handy link from the folks over at phpbbservices for my explicit detail. I’ve used the link a few times for reference. Ultimately, posting it here for future references and spam attacks.

Cathartic. Anyway, once you feel all users, posts and b.s. has been removed. The old ‘post counter’ still reads some astronomical number associated with the spam posted to your bb’s and making the post count that less relevant or meaningless in our case. Ok, time to crack open phpMyAdmin. Second of all, back up your databases before you continue. (First of All or Second?) Please don’t make that mistake, learn from our PAIN!

So, lets move onto ‘post counts’… myPhpAdmin is your friend here, certainly the most directly way to clean up posts tied to your phpbb install. Head on over to your hosting services, specifically phpMyAdmin… find the db(database) attached to your phpbb install. We are looking for ‘posts’ or ‘bb_posts’ within the database mentioned a second ago. Once there, it’s a quick purge to clean up post counts: update bb_posts set post_postcount=1

That’s it… a little refresh on the page count will do the trick. Don’t forget to run through the system auto purge tools as well. Those seem to help as well. See screenshots above.

As usual leave a comment below, let us know what you’re thinking?