General Have you ever been hacked
- Thread starter Timelord_
- Start date
For discussions that don't fit other prefixes.
Ravenfreak
Trusted Contributor
Thankfully I've never been hacked, on my forums or in real life. I can imagine it's difficult to deal with hackers on a website, especially if they continue to get through every time you try and move hosts or find solutions to block them from accessing your webserver.
Cedric
ready to reach your impossible?
Back in 2006, I got my password cracked by someone. It was awful. Definitely learned to have a good password since then. Then in 2008, one of my staff members password got cracked, also doing some serious damage to the forum. Never recovered that completely.
We were kids then, and there weren't things like 2FA. It was on InvisionFree. That was a time of 2-3 years where everyone tried to crack anyone. As if that was something to be a "cool kid". Admittedly, I've done the same thing to someone back then, but never did any damage. The guy used his real last name as a password. I've let him know and he changed it.
We were kids then, and there weren't things like 2FA. It was on InvisionFree. That was a time of 2-3 years where everyone tried to crack anyone. As if that was something to be a "cool kid". Admittedly, I've done the same thing to someone back then, but never did any damage. The guy used his real last name as a password. I've let him know and he changed it.
InMyOpinion
Trusted Contributor
I've never been hacked but I did work with someone who ultimately blocked me once I got the forum all setup and ready to open. We were supposed to be co-admins but he decided to kick me off the site right before the grand opening. He was the tech person and I was more of the forum setup like membergroups, posting etc. This happened over a decade ago and I still see the prick online roaming the forums. It's so disappointing and frustrating but it is what it is. I just know not to ever work with him again. Thankfully I haven't seen him on this forum so I'm pretty happy about that.
1stop
Engaged Member
It has happened to me before but I was so lucky that the security measures was able to detect the hacking attempt and I quickly shut down the site, then later updated the plugins , change password and also implement some additional security measures to cover up the loopholes. It was indeed a stressful experience but it I was able to control the situation.
Matthew
Active Participant
I’ve personally not been hacked. However, I’ve dealt with hacked staff members. I was an administrator on a RuneScape private server many years ago. One of my moderators got hacked and started banning everyone. I was able to quickly login and ban the moderator until an investigation was able to be held. From that point forward, we implemented certain protections that prevented abuse on mod accounts.
fdk
Content Specialist
I've never had any of my own admin/mod accounts compromised, but on one of my forums I did once have one of my Moderator's accounts compromised and it resulted in some pretty hefty damage, with a few hundreds threads and a couple thousand posts being deleted by the malicious party, and several users banned or limited, before the damage was able to be stopped.
Ultimately, I had to perform a rollback to around an eight hour old backup, which resulted in the loss of 500-something posts and a bit of manual work to fix things that had occurred on the site. Luckily it wasn't too onerous, and the Moderator was heavily apologetic and received advice on password security. We also implemented 2FA for staff (2FA was in its relative infancy at this point, too) at this point, which meant we never had any further issues in the future.
Ultimately, I had to perform a rollback to around an eight hour old backup, which resulted in the loss of 500-something posts and a bit of manual work to fix things that had occurred on the site. Luckily it wasn't too onerous, and the Moderator was heavily apologetic and received advice on password security. We also implemented 2FA for staff (2FA was in its relative infancy at this point, too) at this point, which meant we never had any further issues in the future.
Oh god, yes.
I forget when exactly, 2010 maybe? My forum had grown somewhat successfully. I had lots of activity and decided that I needed additional staff to help moderate different areas of my forum. I put out a notice that I was looking for candidates, with very strict guidelines. X number of posts, Y length of time, Nominees were then vetted among the other members in a democratic fashion.
Anyway, all was well, until somebody who was assumed to be trusted somehow got administrative access and locked me out. Fortunately, at the time, I hosted my own server, so it was just a matter of executing the service apache --stop command (I think, it's been years) and that halted the guy in his tracks. Because I had everything self hosted, removing his access and restoring mine via MySQL commands was fairly painless, just annoying. Mostly because I... we the community as a whole, were betrayed by this guy.
So maybe this wasn't an outright hacking, but it was still a mess to clean up.
I forget when exactly, 2010 maybe? My forum had grown somewhat successfully. I had lots of activity and decided that I needed additional staff to help moderate different areas of my forum. I put out a notice that I was looking for candidates, with very strict guidelines. X number of posts, Y length of time, Nominees were then vetted among the other members in a democratic fashion.
Anyway, all was well, until somebody who was assumed to be trusted somehow got administrative access and locked me out. Fortunately, at the time, I hosted my own server, so it was just a matter of executing the service apache --stop command (I think, it's been years) and that halted the guy in his tracks. Because I had everything self hosted, removing his access and restoring mine via MySQL commands was fairly painless, just annoying. Mostly because I... we the community as a whole, were betrayed by this guy.
So maybe this wasn't an outright hacking, but it was still a mess to clean up.
Similar threads
