I have been hacked twice in 5 days

I have dolphin v6.1.6 and in the last 5 days I have been hacked twice - any advice on how to stop this?   One more and my host server said I am dropped from their service.

Impossible to answer without seeing your setup first.

Please use the search above, there have been 3 very detailed hack preventn guide

very often it is on some servers, that in php.ini register_globals is turned on, check and disable it

and find all hack folders and delete the files

this is just one choice...i had the same problems with it

where is this file/folder at and how do I disable it?

php.ini (sometimes called php5.ini) is in the root folder and should include a line that looks something like:

register_globals = off

for apache servers.

Also, DO NOT use ANY default text that comes with Dolphin with the exception of the menu. Using the "Default Quotes", "Orca Forum Titles", Powered by Dolphin, About Us dolphin software info, etc can all be searched for in a google search by hackers.

This simple search http://www.google.com/search?q=%22Powered+by+Dolphin+Smart+Community+Builder%22&sourceid=navclient-ff&ie=UTF-8&rlz=1B2GGFB_enUS264&aq=t

shows tons of sites that use dolphin. Hackers use this to find vulnourable websites. Once they find that yours has security flaws, then they're in.

found it and done

the php.ini is on your server (not ftp), look in your cpanel from host or contact the service from host.

look in your ftp where files and folders are, which are not from dolphin and from the last days when the site was hacked.

like i said, this is only one choice where the problems come from

ok.too late:)

any other ideas - I need to stop this or my server is dropping me

verify that your folder permissions are correct. Allowing writable permissions on the wrong folders is like saying "come right in" to a hacker.

thanks - I did have two that were 777 but switched to 755.

Which two? Some folders require 777 to allow media uploads, but I'm not exactly which ones for your version of dolphin. i am currently playing around with version 7.

Well - it happened, I was hacked for the third time and my hosting company dropped me like a bad habit - I need help looking at fixing my code, to stop this insanity - Anyone out there,who canlook at my code and fix my issues?

looking for someone to review my v6.1.6 code and find out how the hacker keeps getting in and can someone recommend a new server host, for us to use - thanks again for your advice

a lot of people like joombyte. click on hosting link above. You will have to look at your server log files to know for sure how the site got hacked. if your host dropped you, you may not have access to them anymore.

It would also be helpful to know at least for the person that is going to review the code is if you installed any mods on your site.

Primarily mods that are free from sources other then here or expertzzz.


To search through all of your code will take a lot of time, so it needs to be narrowed down. Common locations and modified areas.

they gave me acess to my cpanel still - and I have 15 days to transfer my info.   I will look at the host you recommended.   I am also looking for someone to review my code and server details to help me fix this issue - any suggesstions?

only dolphon, ray and orca - no other modifications are installed.   looks like the file hacked andturning into a phishing site was in my ray file - I can delete that but not sure how they keep getting in.

I have also been hacked twice in 3 Days!

Does anybody have a list of dolphin 6.x vulnerabilities ?

I have invested alot of money in servers, modding and advertising and my site keeps getting hacked.

In very strange places we can sometimes find the answers we are seeking.  It has never applied more than it does here...

http://www.expertzzz.com/forumz/?action=goto&cat_id=1#action=goto&topic_id=17799

The thread is a fight over stolen mods containing malicious code but it has something we calling Sammie's fix in it that helps to prevent issues of hacking via the Ray Modules