Icy Phoenix

     
 


Post Be Careful With This---it's A Security Warning. 
 
I was almost hacked into. It only happened after I allowed images in posts. (fopen wrappers=on)

Please set the Knowledge Base to not allow posting. I had someone almost hack in.
He was able to write an article as a user, though he was just a guest.

Just set the permissions to not allow posting to the Knowledge Base, and you will be better off.

The user name was a lot of letters and numbers. ctracker kept them out. I have a record of it in the ctracker database.

 
 




____________
My main IP 1.3 site
My IP 1.3 styles test site
 
gearhead
Post Re: Be Careful With This---it's A Security Warning. 
 
In my inbox, I had a message from this "anonymous" user. That hacker was a guest and was able to post in the KB.

Of course, when I found out, I disallowed KB articles of any type.

Here is a pic of the message.

[image: inbox]

When you click to read the article, you get this:

Quote:
Could not obtain category information

DEBUG MODE

SQL Error : 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY cat_order ASC' at line 3

SELECT * FROM ip_kb_categories WHERE parent = 0 AND category_id <> ORDER BY cat_order ASC

Line : 1171
File : functions_kb.php


 
 




____________
My main IP 1.3 site
My IP 1.3 styles test site
 
gearhead
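The debug output quoted in the post above shows the query text with nothing after `category_id <>`, which is what an empty value concatenated into the SQL string produces. As an added example (not Icy Phoenix code; Python with sqlite3 stands in for PHP/MySQL, and the function names and sample rows are constructed), this reproduces that failure, then validates the id, binds it as a parameter, and keeps the error detail out of the response:

```python
import sqlite3

def make_db():
    # Constructed stand-in for the ip_kb_categories table named in the error output.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ip_kb_categories "
               "(category_id INTEGER, parent INTEGER, cat_order INTEGER)")
    db.executemany("INSERT INTO ip_kb_categories VALUES (?, ?, ?)",
                   [(1, 0, 10), (2, 0, 20), (3, 1, 10)])
    return db

def categories_unsafe(db, cat_id):
    # Assumed "before": the request value is pasted into the SQL text as-is,
    # so an empty value yields "category_id <>  ORDER BY ..." and a syntax error.
    sql = ("SELECT * FROM ip_kb_categories WHERE parent = 0 "
           "AND category_id <> " + str(cat_id) + " ORDER BY cat_order ASC")
    return db.execute(sql).fetchall()

def categories_safe(db, cat_id):
    # Accept only ASCII digits, then pass the value as a bound parameter
    # so it can never become part of the SQL grammar.
    text = str(cat_id).strip()
    if not (text.isascii() and text.isdigit()):
        raise ValueError("category id must be an integer")
    sql = ("SELECT * FROM ip_kb_categories WHERE parent = 0 "
           "AND category_id <> ? ORDER BY cat_order ASC")
    return db.execute(sql, (int(text),)).fetchall()

def handle_request(db, cat_id):
    # The client gets a generic message; query text, file name and line
    # number (as printed by DEBUG MODE) belong in the server log only.
    try:
        return ("ok", categories_safe(db, cat_id))
    except ValueError:
        return ("error", "Invalid category")

if __name__ == "__main__":
    db = make_db()
    try:
        categories_unsafe(db, "")
    except sqlite3.OperationalError as exc:
        print("unsafe, empty id:", exc)
    print(handle_request(db, ""))
    print(handle_request(db, "1"))
```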
Post Re: Be Careful With This---it's A Security Warning. 
 
This is not necessarily a hacker. In my forum I was getting notifications of KB modifications with the user IP being... the Google Bot IP!

I think it's a bug in IP, but it doesn't allow a real modification or submission of an article; it just generates the notification when it shouldn't.
 



 
hal9000
Post Re: Be Careful With This---it's A Security Warning. 
 
hal9000 wrote:
I think it's a bug in IP


I don't think so. IMHO it's a permissions issue only: if you don't set permissions correctly then you could get that kind of problem.
 




____________
~~~ Andrea ~~~
User #379756 on Linux Counter
"If you can't apt-get something, it isn't useful or doesn't exist!!"
 
buldo
Post Re: Be Careful With This---it's A Security Warning. 
 
buldo wrote:
hal9000 wrote:
I think it's a bug in IP


I don't think so. IMHO it's a permissions issue only: if you don't set permissions correctly then you could get that kind of problem.


I'll take a look again, but I think when that happened I had already looked at the permissions and they were configured so that only admins could post or modify. I don't remember well though.
 



 
hal9000