I had 100,000 users and over 300,000 posts on my forum, but then lost it all...

Thanks Sam,

I had a virtual dedicated server and one day all the space was gone. I never could find the problem. Tech support wanted me to change to plesk as they offered no support for cPanel and a very nice Warrior tried to find the problem and never could.

Finally I just moved all my stuff to a little $9 a month hosting service and never had another problem.

I'm glad you brought this up, let's me know I'm not alone on such things.

George Wright

Hmmm, interesting...did you get any search engine traffic at all from those posts?

You could have started charging admission for that much porn.

Garrie

Is DLR Guard the software you use to rectify the situation

Hi George,

That's strange! Another spot space gets taken up is the cache files in your "tmp" folder for your stats software. These can quickly sneak up on you!



I didn't check originally, so I just had a look now - I got about 40 hits for each of the keywords: video, videos, credit, viagra.

Thinking about it, I probably should have redirected it to a credit affiliate program...that would have been smart. I still might do that, actually - thanks for the idea




Haha, yeah I didn't think that one through real well



Nope, DLGuard is security for when you're selling products.

This forum was just spam, and all I did was delete the forum. Nice and easy

But it's a good example of why you should implement a decent CAPTCHA or similar system in forums

cheers
Sam

That is such a shame Sam, I was enjoying your daily top ten newsletter...

Oh my gosh Sam! Thanks for the warning! I'm just getting my feet wet in web hosting, so I now know what to look out for... I'd hate to be a porn hoster!

Stacey

If you're going to install free software packages on your site, like phpBB, WordPress, Joomla, Drupal, etc... you MUST keep them up to date. As they are used by so many sites and are open source, they are targeted by hackers. Once they find an exploit, they can hack millions of sites instead of just one.

The software makers generally release updates to fix these vulnerabilities when they are found, but you must keep on top of watching for updates and installing them.

If you don't, the consequences could be much more dire than this. You could end up losing a customer database with personal information resulting in a lawsuit if the information is misused, or hosting porn without knowing it and facing long jail time and huge fines for not complying with the record keeping requirements anyone that hosts porn in the US must comply with.

Not being aware you're breaking a law is no defense, just ask the Kazaa users that didn't even know they were sharing any music they downloaded with others, then were sued and lost hundreds of thousands of dollars against the recording industry.

Haha, sorry James, I'll see if I can start a new one up for you!



No worries Stacey, I'm glad I could help! As Dan said, as long as you keep your software scripts up to date and you use the security they give you, you should be fine!

The problem I had was I didn't bother putting any security in place because it was just a test forum, it was never meant to be public. Then I forgot about it!

I wasn't actually hosting any files, though, it was just all link posting. It's amazing how large those can get!



Hahaha, I've always suspected! Devious little fella's...


cheers
Sam

Good Morning Sam, I can fully appreciate your situation. Your post is a good warning for everyone to remember to stay up to date with security. We were hacked and taken off-line by the hackers 4 times within the first 6 months this year. Finally, we found all of the hidden bots and files in our root level. The tmp directory was the biggest problem. My suggestion to everyone, based on all of the headaches we encountered... use a good ftp program and look inside your root directory, make sure you are able to view hidden files, check the file sizes and the dates last accessed. If anything looks suspicious, contact tech support at your hosting company immediately.

We actually found a phishing program designed to spam email people looking for credit card and account numbers for Wells Fargo Bank. I turned everything over to the highest level security in our Government, and they caught the people.

If you use WordPress, there are several excellent threads here on the Warriors site regards that exact subject. We use almost every suggestion posted as part of our security wall, and have not had one problem since implementation.

(And now my shameless plug for Sam/DLGuard)
If you are selling downloadable digital products, you need to be using Sams DLGuard. It is worth every penny and more. The piece of mind we have using DLGuard is beyond comprehension.

PAS

Hi Paul,

Wow, sorry to hear about all the hack attempts!

Glad you got it all sorted though!

And thanks for your shameless plug for DLGuard - I'm glad you're enjoying it





Hi Michael,

Heh, yeah phpBB v2 out of the box is certainly open to attacks. From what I hear v3 is better.

With v2 I just did a quick modification to the signup form to ask a simple maths question, and that stopped all the spam.

So that made it easy

cheers
Sam