Getting hacked is one of the downsides of being a webmaster. It can happen. However, you should also do your part as the site owner to help prevent it from happening in the first place. Since you have been hacked, all the steps @Sam has provided are very accurate. However, here are a few more.
If you have the backup and you restore it, change not only your database passwords but also the database usernames. This will ensure that if the hacker got access to the database and was able to figure them out, they won't know them if they try to hack you again.
As Sam mentioned, changing the location of the ACP can be very helpful. BUT, to ensure even more security and safety, password-protect that directory with a very secure password that you do not use on anything.
If you want to take an even further step, add some rewrite rules so that only your IP (or others you trust in the ACP) is able to get into the ACP.
Check your logs. See if you're able to find out how they got into your backend or database to begin with. If you find out, make sure you fix the error. On top of this, make sure all of your software is up to date at all times.
FYI, as suggested by a user, I have removed the link to stop people from mistakenly clicking on a link that may or may not give them a surprise or two. Can never be too safe with hacked websites.
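One way to carry out the "check your logs" step for the ACP, as an added example that is not part of the original posts: it lists every request to the admin directory from an address outside a trusted list and singles out the addresses that got a successful response. The `/acp/` path, the combined access-log format, the trusted address and the sample log lines are all assumptions made for illustration.

```python
import re
from ipaddress import ip_address, ip_network

# Assumptions (not from the post): combined log format, ACP served under
# /acp/, and one trusted admin address (documentation range).
ACP_PREFIX = "/acp/"
TRUSTED = [ip_network("203.0.113.10/32")]

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample log lines, for illustration only.
SAMPLE_LOG = '''\
203.0.113.10 - - [12/Mar/2024:09:01:11 +0000] "GET /acp/index.php HTTP/1.1" 200 5120
198.51.100.7 - - [12/Mar/2024:09:14:02 +0000] "POST /acp/login.php HTTP/1.1" 401 310
198.51.100.7 - - [12/Mar/2024:09:14:05 +0000] "POST /acp/login.php HTTP/1.1" 200 4800
192.0.2.44 - - [12/Mar/2024:09:20:40 +0000] "GET /index.php HTTP/1.1" 200 9000
192.0.2.44 - - [12/Mar/2024:09:21:00 +0000] "GET /acp/ HTTP/1.1" 403 199
not a log line
'''

def untrusted_acp_hits(log_text):
    """Map each address outside TRUSTED to its ACP requests as
    (timestamp, method, path, status). Unparseable lines are skipped."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m["path"].startswith(ACP_PREFIX):
            continue
        try:
            if any(ip_address(m["ip"]) in net for net in TRUSTED):
                continue
        except ValueError:
            pass  # client field is a hostname: treat as untrusted
        hits.setdefault(m["ip"], []).append(
            (m["ts"], m["method"], m["path"], int(m["status"])))
    return hits

def got_in(hits):
    """Untrusted addresses that received a 2xx from the ACP: review first."""
    return sorted(ip for ip, reqs in hits.items()
                  if any(200 <= status < 300 for *_, status in reqs))

if __name__ == "__main__":
    found = untrusted_acp_hits(SAMPLE_LOG)
    for ip, reqs in found.items():
        print(ip, reqs)
    print("2xx from untrusted address:", got_in(found))
```

Once the IP restriction is in place, any address this reports with a 2xx status means the restriction is not being applied to that path.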