Yoh Asakura

@@mrlongshen These people must have a horrible life. I believe they have nothing better to do. It`s a shame. Try using symbols like $%{* and big and small letters and also numbers, for example D#w01^Csx*(W2@{am

Anyone would do it please?

I will use a free one. I believe SMF maybe is more fast than MyBB but MyBB has some beautiful themes...

@@Nebraskka As I said the problem was because my website was old, and the guy who made the website at that time he was not so good. But now he is updating all to me already. Thank you anyway.

Thank you everyone in this topic that tried to help. I believe with all these informations everyone can protect more their servers. I'm going to change to another company. I'm still deciding between GoDaddy and OVH. Besides the fact that GoDaddy is much more expensive than other companies but their Managed VPS comes with DDoS protection and also SiteLock Firewall protection, daily backups and cPanel. OVH just comes with the DDoS Protection and we have to pay for the daily backups, but it would still be more cheap than GoDaddy.

I've been looking for a very good web application firewall but I still didin't try any. I've already used Hostgator and GoDaddy's company and both of them are partners with SiteLock (which has the Web Application Firewall) and I know SiteLock has many partners. I've been searching and I've found some Firewalls, paid and free. What do you guys know about WAF? Since I'm receiving many DDOs Attacks and also SQL Injection and Cross Site Scripting I believe a good firewall may help a lot. Paids: SiteLock CloudFlare Sucuri Free: Smoothwall ModSecurity @edit SiteLock won prizes for being the best company to offer a web security, but I saw many users saying that they prefer Sucuri because SiteLock only wants your money (it's what users says).

@@Dogpatch I know many servers that uses Nulled IPB too. I always report to Invision Power and sometimes they take down some nulled forums. Why everyone prefer SMF instead of MyBB? I think MyBB has some beautiful themes and is also fast.

Which forum do you guys prefer? I've made a research and I believe most of people prefer the MyBB since it's free and seems better than the others, but I saw many users talking about SQL Injection on their MyBB forum and the reason is because of the addons that they add, some of them still have some bugs and might be exploitable. What do you guys think and know about? IPB Board is also really good but it's a paid forum.

@@Arei I appreciate the support you gave me. I didin't use any FluxCP custom themes nor even custom addons. I believe they did the SQL Injection because of my website...the coder just told me that the php of my website was very old and he will update all now and make it better.

@@Arei Maybe the registration form from my website... Anyway I won't use any CP/FluxCP as recommended by @@Dastgir

@@Arei Follow some screenshots of my server email. These things also appeared on my login table from my server database. It was definetly SQL Injection through my website contact page and also through my website donation confirmation page.

@@Arei I just called SiteLock and they've told me that I might have a Firewall, and they can provide me a good one, that helps to protect against SQL Injections, and they also have the deep scan...malwares, virus, malicious codes. SQL Injection Scan, etc. But it's like between $50~$140/month.

@@Arei But how they could know the tables of my script to make an SQL Injection? I also paid SiteLock to protect my website against SQL Injection, Malwares, virus...but they still hacked somehow.

@@Arei Thanks for helping. I will change company, I'm going to buy a VPS on Godaddy. At least there I can have their managed service, with security, monitoring and backups. And the VPS already comes with MYSQL (I was using BudgetVM without managed service, so I've made all the installations). And what do you mean that is possible to make a SQL Injection through my RO Scripts? o.o @@evilpuncker I was using Ceres CP when they first hacked the servers, but then I've changed to fluxcp and they still hacked, but I think it's not related with the Panels....I believe it's about the MYSQL. I may have not installed and secured it very well, and also can be my website. Maybe the guy who developed it didin't made the scripts so well...who knows.

@@Arei I wasn't using FluxCP when the servers were hacked. My website has a registration script to register new accounts, but I don't know how the hackers got access to all the servers accounts. I've also checked the IP's that logged on my VPS, and only my IP's appeared, which means that the hackers didin't get the acces of my VPS... Do you think is better having a Web Hosting for my site and a VPS for the server or better website and server on the VPS?

I believe the hackers did SQL Injection...I've saw many strange columns on my login table and also on my server email adress. I remember I had removed the remote login acess from MYSQL...and the passwords were very strong...

Never use phpmyadmin? I will use what? The hacker don't have access to my vps, this is impossible.

There's no difference since I've made all the installations...Dedicated or VPS will be the same.

Hello, I have three servers and recently all of them has been hacked somehow. I don't know how because I already let phpmyadmin acces only to my IP Adress and I also changed the phpmyadmin folder. Is there anyway I can protect my server? I believe it's about the MYSQL, php and phpmyadmin installation. Anyone could help me on this? Regards.

@@Emistry I really don't know how to do it, xD Could you show me an example so I can follow?

@@Zhao Chow Can you post the script that checks every second if anyone is AFK for 1 hour.?

@@Emistry I've just tested here and if I buy more than 1 item I will only receive the 1st item that I put to purchase and on SQL will only appear the 1st item too...

Solved. http://www.eathena.ws/board/index.php?showtopic=263157

@@evilpuncker Thank you for always helping people with their doubts. @@Dogpatch Thank you, I'll use the npc.

@@evilpuncker I believe you didin't get me. I would like a script for vote4points just like the quest_shop.txt script. A script that when you click it will open the shop window with the items to choose, not only the name of the items, but also their images.... after you choose and click on buy it will tell you how much POINTS OF VOTE it costs. It would also be nice to choose the quantity, and choosing the quantity it would change the amount of vote4points needed. Is it possible?