Bug Possible Admin CP / Mod CP / DBSEO CP exploit attempt!

formentera

Customer
Right now I get this message:

Possible Admin CP / Mod CP / DBSEO CP exploit attempt!

Nobody can't access to the site, I dont understand what happened, please help!

Also, the apache error log says:

Got error 'PHP message: PHP Warning: strpos(): Empty needle in /dbtech/dbseo/includes/class_core.php on line 580\n'

In that line I see:

if (strpos($_redirUrl, self::$config['_bburl']) !== false)

Can someone help me? all my site is offline because that

SOS!
 

formentera

Customer
I restarted Apache, php and mariadb, seems is working now, but im very worried about this error. Thi is the second time that happened since yesterday

(The two times happened when I was editing templates (as always I did without problems), the only thing differnet is that yesterday I unninstalled a plugin that I was disabled for many years, the vbseo) Now Im wondering if this is related with this or not... and I just Im being hacked

Someody knows why this happens?
 

Fillip H.

Staff member
Owner
Developer
If you are using a custom AdminCP and ModCP path, you must also update your .htaccess file.

Go to your DBSEO CP and remove all custom 301 redirects and custom rewrite rules, as it's likely a mistake has been made in one of those settings.
 

formentera

Customer
I think that my AdminCP and ModCP path are the standard path:

On my .htaccess I have this:

RewriteCond %{QUERY_STRING} !dbseourl=
RewriteCond %{REQUEST_URI} !(admincp/|dbseocp/|modcp/|cron|mobiquo|forumrunner|api\.php|reviewpost/|classifieds/|photopost/)
RewriteRule ^(.*\.php)$ dbseo.php?dbseourl=$1 [L,QSA]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !/(admincp|dbseocp|modcp|clientscript|cpstyles|images|reviewpost|classifieds|photopost)/
RewriteRule ^(.+)$ dbseo.php [L,QSA]


¿I need to add something more?

In DBSEO CP all custom 301 in that area are disabled (//) since always I think



I really don't know what is happening (always did well) but now I feel scared because there are lot of people visiting the forum everyday and all this is out of my knowledge... ¿any suggestion for me Fillip?
 
Last edited:

formentera

Customer
I get another Possible Admin CP / Mod CP / DBSEO CP exploit attempt! message, and the website down.

The apache error logs say:

PHP message: PHP Warning: strpos(): Empty needle in /home/foroparalelo.com/public_html/dbtech/dbseo/includes/class_core.php on line 580\n', referer:

580 line: if (strpos($_redirUrl, self::$config['_bburl']) !== false)

Do you know what this problem might be? Is very frustating see how the website gone down every 2 days.
 

Fillip H.

Staff member
Owner
Developer
Can you show me the contents of your "Board URL" vBulletin Options setting? From the looks of it, this setting is empty, which is wrong.
 

DragonByte SEO

vBulletin 3.8.x vBulletin 4.x.x
Seller
DragonByte Technologies
Release date
Last update
Total downloads
6,736
Customer rating
0.00 star(s) 0 ratings
Top