Hack ?
By Danny Malouin on Thursday, 05 March 2015
Posted in Technical Issues
Replies 2
Likes 0
Views 391
Votes 0
Hi,
I have a few EasyBlogs running in diffferent websites. Greatt product. Over the past month or so, I've noticed a lot of them getting infiltrations of bogus posts from bogus accounts (hacks). The hosting env is secrured (proper files permissions) and no one has access to the DB not any loose FTP accounts. The hackers seem to get in through some Easyblog front end ?
Is there a way to secure this ?
Thanks
Danny
There are a few users reporting hacks/spams over the last weeks.
And if I'm not mistaken I think there was a - (one) - "suspicious" post in this (stackideas) forum too !

I want to know if it is a configuration problem or a real threat.

Therefore : I subscribe !
Supporter
·
Thursday, 05 March 2015 01:11
·
0 Likes
·
0 Votes
·
0 Comments
·
Hello Danny,

This is most likely due to your ACL configuration and it has nothing to do with any "hacking activity". This is what happens commonly on most sites. The "Registered" user group is configured to allow posting and publishing and the site allows anyone to register on the site.

The quickest way to fix this, is to only trust selective user groups by giving them the permissions to publish blog posts. Alternatively, if your site doesn't allow user's to register, disable registration altogether in the User's configuration area.
Mark
·
Thursday, 05 March 2015 10:05
·
0 Likes
·
0 Votes
·
0 Comments
·
View Full Post