Hacking problem!

[Saj]

Hello everyone, I host a server and I bought a dedicated server. I use theforgottenserver(the newest version) and Gesiors site. I've reoved phpmyadmin from xampp and still my server got hacked by a guy, I don't know HOW, but he managed to give everyone level etc.. So I wonder what can I do to protect my server?

 

[Alastorsz]

Oooh, I will use your hints charizard, thanks a lot, but I dont understood one part, can you EXPLAIM me, how to make a backup of the database? Step by Step pls, Im kinda newbie in that field.

 

[Saj]

@up same here, I would love to know how

 

[Gregor]

If you loss all datebase and you dont have backup you can do anything

 

[sorcerers king]

WoW Just search on the forums On pro for ur server!

 

[Blue Charizard]

Making a backup of your database can be done by either downloading MySQL administrator, and executing backups through there, or by downloading a program which executes backups automatically at a certain time.

To execute a backup manually using MySQL administrator, just do the following:

1. Download the MySQL GUI Tools pack from MySQL :: MySQL GUI Tools Downloads

2. Run MySQL administrator and login using either your root username/password, or use the user/password of a mysql user which has access to your otserv database.

3. On the menu to the left, click "Backup".

4. Click "New Project".

5. Give a name to your project, the file which contains the backup will have the name that you type in, follwed by the date and time when the backup was executed.

6. On the list below, click on the otserv database (or whatever name your otserv database uses)

7. Click on the ">" button, and make sure all the otserv database stuff has a checkbox.

8. Click the "Execute Backup Now" button.

9. Select where to save your backup.

10. Once the thing has finished, you now have a complete backup of your otserv database in the location you chose, which can be restored at any time.


There, i hope that will help a few people make their database a little less prone to complete destruction by scriptkiddie hackers that doesn't have a life

 

[Gregor]

Making a backup of your database can be done by either downloading MySQL administrator, and executing backups through there, or by downloading a program which executes backups automatically at a certain time.

To execute a backup manually using MySQL administrator, just do the following:

1. Download the MySQL GUI Tools pack from MySQL :: MySQL GUI Tools Downloads

2. Run MySQL administrator and login using either your root username/password, or use the user/password of a mysql user which has access to your otserv database.

3. On the menu to the left, click "Backup".

4. Click "New Project".

5. Give a name to your project, the file which contains the backup will have the name that you type in, follwed by the date and time when the backup was executed.

6. On the list below, click on the otserv database (or whatever name your otserv database uses)

7. Click on the ">" button, and make sure all the otserv database stuff has a checkbox.

8. Click the "Execute Backup Now" button.

9. Select where to save your backup.

10. Once the thing has finished, you now have a complete backup of your otserv database in the location you chose, which can be restored at any time.


There, i hope that will help a few people make their database a little less prone to complete destruction by scriptkiddie hackers that doesn't have a life

Its possible to connect using this program to other ip than local? becuse for me it dont working only localhost

 

[Alastorsz]

Hmmm, kinda hard, or hard to uinderstand xP, u said there is a program that make backups automatically, where I can download that program? and can u explain me to use that program too >.< Im shy to ask u that much but i really need it>.<.

Thanks charizard

 

[Blue Charizard]

Its possible to connect using this program to other ip than local? becuse for me it dont working only localhost

Yes its possible, just fill in the right IP/hostname and port, and you can connect to remote mysql servers too.
(however if you disabled root access from a remote machine, when installing mysql, you cannot connect to the root account from any other machine than the computer mysql is installed on)

Hmmm, kinda hard, or hard to uinderstand xP, u said there is a program that make backups automatically, where I can download that program? and can u explain me to use that program too >.< Im shy to ask u that much but i really need it>.<.

Thanks charizard

Well by program i ment "programs", there is alot of programs which does just that, though most of them is ment for big companies and costs money to use.
The program i use is called "Auto Backup for MySQL Professional Edition", however it costs money.
I dont know of any other program than that one, so i suggest you check google, allthough even if you were to get it, i cant really tell you how to manage that one, since its even more complex than MySQL Administrator.

 

[Alastorsz]

And what i have to do to disable the root acces from remote machine?

 

[7881374]

just change the root password and work with the new then the other will be aren't able to enter to ur serv Hope it's work!

 

[AnasAshraf]

why it's proplem i can give you a hacker make you hack real tibia!!!!

 

[Alastorsz]

No nono, I mean, Blue charizard said "you can manage your database from another pc thats not the server nor hoster", I want to disable thta, It is possible?

For example: If I write "<host-ip>/phpmyadmin", it acces to the database from another machine, Its possible to disable that?

 

[Nikkster]

why it's proplem i can give you a hacker make you hack real tibia!!!!

DUDE lol, why you stole my logo? Lawl, you seem to be a funny little noob.

 

[Tufte]

Use this guide to restrict anyone but you to enter PhPmyadmin. It's probably one of the safest ways.

For example:

$cfg['Servers'][$i]['AllowDeny']['order']  = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 127.0.0.1';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 123.456.7.890';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 11.22.33.44';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'deny % from all';

This allows only those with the IP 123.456.7.890 and 11.22.33.44 to enter PhPmyadmin, aswell as your local computer (127.0.0.1). Ofcourse, you can take away one if you only want yourself to enter Phpmyadmin.

 

[7881374]

why it's proplem i can give you a hacker make you hack real tibia!!!!

DUDE lol, why you stole my logo? Lawl, you seem to be a funny little noob

hahaha Has the same pic hahaha Really Nice both!

haha Anasashraf Has only copied it haha ^^

 

[Mazen]

Use this guide to restrict anyone but you to enter PhPmyadmin. It's probably one of the safest ways.

For example:

$cfg['Servers'][$i]['AllowDeny']['order']  = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 127.0.0.1';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 123.456.7.890';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 11.22.33.44';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'deny % from all';

This allows only those with the IP 123.456.7.890 and 11.22.33.44 to enter PhPmyadmin, aswell as your local computer (127.0.0.1). Ofcourse, you can take away one if you only want yourself to enter Phpmyadmin.

What file did you edit?

 

[amnart]

Hmm, Shahab
Might be my real friend Look his ip and tell me where he live

 

[Doonrak]

What file did you edit?

Its the config.php file in phpmyadmin folder.

 

[Saj]

Use this guide to restrict anyone but you to enter PhPmyadmin. It's probably one of the safest ways.

For example:

$cfg['Servers'][$i]['AllowDeny']['order']  = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 127.0.0.1';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 123.456.7.890';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'allow % from 11.22.33.44';
$cfg['Servers'][$i]['AllowDeny']['rules'][] = 'deny % from all';

This allows only those with the IP 123.456.7.890 and 11.22.33.44 to enter PhPmyadmin, aswell as your local computer (127.0.0.1). Ofcourse, you can take away one if you only want yourself to enter Phpmyadmin.

In the guide it doesn't say how and where, could u tell me how?

 

[Alastorsz]

Yes, I need it too, I Just want to know how to do that, I just want ME log into phpadmin by using localhost (127.0.0.1) not by external machines.