Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 11-03-2015, 11:46 AM   #1
skirtcake
Registered User
 
Industry Role:
Join Date: Jul 2014
Location: SLC
Posts: 95
My site has been hacked and brought down TWICE in the last 24 hours.

I own and run MormonGirlz.com. We're getting seriously attacked and while I'm working on increasing my security (Cloud Flare) I'm also wondering how to track down whoever is doing this. Isn't it highly illegal? Any thoughts on what I can do?

Thanks for your help!
__________________
* mormongirlz.com
* twitter.com/mormon_girlz
* mormon-girlz.tumblr.com
skirtcake is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-03-2015, 12:26 PM   #2
DamnSexy
The one and the only
 
DamnSexy's Avatar
 
Industry Role:
Join Date: Aug 2015
Posts: 633
Quote:
Originally Posted by skirtcake View Post
Any thoughts on what I can do?
If your website was hacked, means your code is not secure, you should first take a look there, to see which part was exploited.

You are using a Free cloudflare plan ?
DamnSexy is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-03-2015, 01:17 PM   #3
skirtcake
Registered User
 
Industry Role:
Join Date: Jul 2014
Location: SLC
Posts: 95
Yep, on it. And I'm not sure what cloudflare plan I will use. Haven't done it yet. Recommendations?
__________________
* mormongirlz.com
* twitter.com/mormon_girlz
* mormon-girlz.tumblr.com
skirtcake is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-06-2015, 11:04 PM   #4
pornsprite
Confirmed User
 
pornsprite's Avatar
 
Industry Role:
Join Date: Dec 2009
Location: Texas
Posts: 1,643
I like the concept
__________________
Go Fuck Yourself
pornsprite is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-07-2015, 03:10 AM   #5
j3rkules
VIP
 
j3rkules's Avatar
 
Industry Role:
Join Date: Jul 2013
Posts: 22,105
Any site can be hacked if enough time and effort are put in. Therefore, your site security also needs to address the need to backup your site to be able to recreate it.

To remove your site from what hackers consider "Low Hanging Fruit" do the following:
No usernames should be admin and no passwords should be similar to the site name or have dates associated with you personally.
Keep Wordpress, your plugins and your theme updated to the newest versions.
Turn off comments completely. This is optional but strictly for site security, it is preferable.
Be sure you are backing up your site frequently as well.
j3rkules is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-16-2015, 04:59 AM   #6
nightslit
Confirmed User
 
Industry Role:
Join Date: Oct 2013
Location: France
Posts: 226
If you are using wordpress I recommend WordFence and also to relocate the login page (all cms are having the same url structure). Then I would also change all passwords/usernames. Another thing to do is setting up cloud fare as you mentionned, the détails for each plan are on their website. But even normal (free) plan are more secure as all traffic il filtred a minimum.
Then why not looking into the connection logs (in your cpanel) and see what ip adress caused this? Then blocking the ip will be simple.. (or the domain/internet seller).
__________________
email: [email protected] email me for link trades/hardlink exchanges
ICQ : 665974711
my sites: http://hardcoreteenfuck.com
nightslit is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 10-15-2016, 03:31 AM   #7
marlboroack
So Fucking Banned
 
Industry Role:
Join Date: Jul 2010
Location: ☣
Posts: 9,327
Hire a security team
marlboroack is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 11-29-2016, 12:32 PM   #8
ketheriel
Registered User
 
Industry Role:
Join Date: Nov 2016
Location: Aveiro, Portugal
Posts: 8
Being attacked is one thing, being owned is another; While DDoS/DoS can be countermeasured by your operator and as a last line of defense, yourself (or your bofh), being owned usually means someone exploited your code either through SQL injection or other security vulnerability. Finding the full extent of an infiltrated server can take some time and is a very demanding task. There are scripts which might work up to a point, but usually the diagnosis and post mortem are done with the file system on read only and by comparing the hashes of the files with a network copy/backup.

While I might help this one time for the fun of it (assuming it's a POSIX compliant system), I won't fix other peoples code.

Message me if you want my skills on this one!
ketheriel is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 01-05-2017, 03:04 PM   #9
nosaint
Confirmed User
 
nosaint's Avatar
 
Industry Role:
Join Date: Jan 2017
Posts: 29
I don't think you can track them down just because they attack your website. They usually do this using lots of other hacked sites/servers. Probably you could track them only after being hacked if they are stupid enough to leave any traces.

But, the questions is... what does "seriously attacked" means? Is it a DDOS attack? Then it means they simply want to disrupt your services. That is usually the competition.
Are they trying to find exploits? Are they trying to access your admin area using a dictionary attack?
nosaint is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 01-05-2017, 03:22 PM   #10
j3rkules
VIP
 
j3rkules's Avatar
 
Industry Role:
Join Date: Jul 2013
Posts: 22,105
11-03-2015

This is an old thread. Why you even respond to that?

j3rkules is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 01-05-2017, 03:33 PM   #11
bns666
Confirmed Fetishist
 
bns666's Avatar
 
Industry Role:
Join Date: Mar 2005
Location: Fetishland
Posts: 11,494
probably to reach 30 posts so he can post urls
__________________
CAM SODASTRIPCHAT
CHATURBATESKYPE SEX CAMS
bns666 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 02-21-2017, 09:18 PM   #12
redsfv89
Confirmed User
 
Industry Role:
Join Date: Oct 2013
Posts: 221
I hate to tell you this

I hate to tell you this, but I am a former hacker, and I deal with sites and security consulting now. First off it's wordpress, or Joomla you got problems. and if you are hiding behind cloudflare does know good, it's still possible to get your physical ip address, and that is the flaw with cloudflare, contact me on skype: john.sexmex I can help you.


Quote:
Originally Posted by skirtcake View Post
I own and run MormonGirlz.com. We're getting seriously attacked and while I'm working on increasing my security (Cloud Flare) I'm also wondering how to track down whoever is doing this. Isn't it highly illegal? Any thoughts on what I can do?

Thanks for your help!
__________________
Tony "Motha Fuckin" Montana @ EXPOSEDLATINAS.COM
redsfv89 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 02-21-2017, 11:43 PM   #13
yuu.design
Too lazy to set a custom title
 
yuu.design's Avatar
 
Industry Role:
Join Date: Mar 2006
Location: Argentina
Posts: 25,924
sad to hear
__________________
Beautiful And Usable Web Design Creations For The Adult Industry Since 2003
I'm Yuu, Designer and Content Producer

Paysites - Affiliate Programs - Dating & Cam Sites - Mainstream Projects - Tube Sites - Banners - Wordpress Themes - NATs integration - Landing Pages

Check my Portfolio and Content Production Offers
yuu.design is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 02-22-2017, 08:31 PM   #14
xXXtesy10
Fakecoin Investor
 
xXXtesy10's Avatar
 
Industry Role:
Join Date: Jul 2012
Location: New Delhi, IN
Posts: 7,128
Quote:
Originally Posted by redsfv89 View Post
I hate to tell you this, but I am a former hacker, and I deal with sites and security consulting now. First off it's wordpress, or Joomla you got problems. and if you are hiding behind cloudflare does know good, it's still possible to get your physical ip address, and that is the flaw with cloudflare, contact me on skype: john.sexmex I can help you.
__________________
WARNING: Stay Away From Marlboroack aka aka Brandon Ackerman
https://gfy.com/21169705-post8.html
Donny Long is Felon, Stalker, Scammer & Coward
http://www.ripoffreport.com/reports/...lon-int-761244
xXXtesy10 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 03-08-2017, 08:22 AM   #15
Duckers
Confirmed User
 
Duckers's Avatar
 
Industry Role:
Join Date: Dec 2016
Posts: 30
that's funny
Duckers is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 04-05-2017, 09:19 AM   #16
gamejump
Registered User
 
Industry Role:
Join Date: Sep 2011
Posts: 31
see even the wordpress are gets hacked
you have not mentioned on which cms your site is
gamejump is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-14-2017, 04:20 AM   #17
magneto664
God Bless You
 
magneto664's Avatar
 
Industry Role:
Join Date: Aug 2014
Location: Glasgow, $cotland
Posts: 1,467
Quote:
Originally Posted by skirtcake View Post
Yep, on it. And I'm not sure what cloudflare plan I will use. Haven't done it yet. Recommendations?
Cloudflare don't save your ass from hackers!
1. Always update your wordpress ASAP.
2. Keep updated plugin
3. Remove old plugins and try find paid solutions
4. buy https://codecanyon.net/item/hide-my-...dpress/4177158
5. use backup system to restore working version when you need it.
__________________
magneto664 📧 gmail.com
Adult Backlinks 💘Best Website Stats 💘 Best CDN for Adult Content
My Fav: 👍Chaturbate 👍 Stripchat 👍 Dateprofits 👍 AdultFriendFinder
magneto664 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
flare, highly, illegal, track, wondering, hours, brought, site, hacked



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.