• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Something is wrong with mi ot 9.6 !!

martinadicto

martinadicto

New Member
Joined
Jan 10, 2011
Messages
21
Reaction score
1
One player I had said that I had to miss teleportation to ghazbaran, then check the logs talkactions of my ot, I was surprised, I saw a lot of strange names were there, all dated since I opened the game, but to find the names in the database or on the website say it does not exist and make a loot give money, donator things and more, help !
 
Sort by date Sort by votes
Let me understand, somebody hacked your server?
Okay, this is most probably that someone has access to your db, do you have secured phpMyAdmin? are you using gesior?
Switch to Modern AAC and UniServer, don't forget to delete webdav and webalizer folders into xampp folder.
 
Upvote 0 Downvote
Loney said:
Let me understand, somebody hacked your server?
Okay, this is most probably that someone has access to your db, do you have secured phpMyAdmin? are you using gesior?
Switch to Modern AAC and UniServer, don't forget to delete webdav and webalizer folders into xampp folder.
Click to expand...

ok, i deleted webalizer folder, but I do not think that's what's going on, because when I put http://myno-ip/phpmyadmin/, I get the following, Sin título.jpg

so, what you think ?, That should be safe phpadmin right?

- - - Updated - - -

- - - Updated - - -

Evan said:
I am very confused, can you be more specific of your problem?
Click to expand...

in my logs folder, then the folder talkactions. creates text files with the names of players that run talkactions, the problem is that these players are not even registered in my phpadmin or web, and creating items such as money, things donator, etc.. maybe I have a bad setup and was wondering if anyone could help me not to do this.
 
Last edited:
Upvote 0 Downvote
maybe they change their name once they done the creation ?!

or maybe they are already was on the log folder before you use the ot ?

if not then check the items on your database then you can catch the hacker ..
 
Upvote 0 Downvote
You host locally or via a dedicated server? If the latest, check RDP audit logs first.
If you lost locally, I hope they didn't get access to your filesystem, then your pc could've been messed up.

Make sure port 3306 is closed, or whatever mysql port you use. Consider switching to Uniserver since it's by default more secure compared than Xampp, or install Apache/MySQL yourself.
Remove phpmyadmin from your webserver, no matter what, do never run phpmyadmin on your server, or any other web-based database management software.
 
Upvote 0 Downvote

Similar threads

ralke
  • Question
AAC Paypal automatic payments doesn't load points on ZnoteAAC
Replies
4
Views
776
ralke
ralke
J
  • Question
Auctionssystem problem
Replies
2
Views
350
jareczekjsp
J
J
  • Question
Auction system Problem
Replies
0
Views
268
jareczekjsp
J
B
Any really creative / out of the box OT out there?
Replies
8
Views
1K
Beo
Beo
potinho
  • Question
Lua [TFS 0.X] Auction System (Trade OFF) - Bug charges
Replies
1
Views
373
potinho
potinho
2
  • Question
owner of the item purchased in the game shop
Replies
9
Views
857
2057623
2
Back
Top