Administrator

If you have a very large amount of followers on a forum, and for some reason you want to clear this out, you can use the following query to do so, please run a mysql backup before doing so.  Replace "36" with the proper forum ID. 

delete from core_follow where follow_app = 'forums' and follow_area = 'forum' and follow_rel_id = 36

The latest news on the hacking front is that a Russian hackers has obtained 272Million accounts from Google, Microsoft, and Yahoo accounts. The truth to the matter is not if you or one of your accounts will get compromised, but when. The best prevention however is two factor authentication, this is an added secondary authentication method to protect your accounts, even if someone does obtain your password, it's pretty much useless if you have two factor auth enabled. It's worth noting that each of these services offer two factor authentication, so use it!   

If you have any of the above accounts, please login to them now and update your password.

If you follow three steps on all of your accounts, you will be much safer.

1. Use two factor Auth on every account that offers it.
2. Use a unique password on every account, never use the same password twice. (EVER!) 
3. Use a password manager if needed to keep track of many accounts if needed, such as 1password or Lastpass.

Quote

FRANKFURT: 

HIGHLIGHTS

1. Over 272 million usernames & passwords stolen in major security breach
2. They include details of Gmail, Microsoft and Yahoo email users
3. Russian hacker has asked for less than $1 for all the stolen credentials

 

 Hundreds of millions of hacked usernames and passwords for email accounts and other websites are being traded in Russia's criminal underworld, a security expert told Reuters.

The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia's most popular email service, and smaller fractions of Google, Yahoo and Microsoft email users, said Alex Holden, founder and chief information security officer of Hold Security.

It is one of the biggest stashes of stolen credentials to be uncovered since cyber attacks hit major US banks and retailers two years ago.

 

 

 

Holden was previously instrumental in uncovering some of the world's biggest known data breaches, affecting tens of millions of users at Adobe Systems, JPMorgan and Target and exposing them to subsequent cyber crimes.

The latest discovery came after Hold Security researchers found a young Russian hacker bragging in an online forum that he had collected and was ready to give away a far larger number of stolen credentials that ended up totalling 1.17 billion records.

After eliminating duplicates, Holden said, the cache contained nearly 57 million Mail.ru accounts - a big chunk of the 64 million monthly active email users Mail.ru said it had at the end of last year. It also included tens of millions of credentials for the world's three big email providers, Gmail, Microsoft and Yahoo, plus hundreds of thousands of accounts at German and Chinese email providers.

"This information is potent. It is floating around in the underground and this person has shown he's willing to give the data away to people who are nice to him," said Holden, the former chief security officer at US brokerage RW Baird. "These credentials can be abused multiple times," he said.

Source

Updated to 4.1.11

test

Updated to 4.1.10

Tweet  !  Tweet !  Easter Greetings .. :) by Mr. Happy Face - Peace :), on Flickr

http://postimg.org/image/ud92m0lvx/

https://en.wikipedia.org/wiki/Rubik%27s_Cube

https://en.wikipedia.org/wiki/Rubik%27s_Cube

test

You tube

Twitter

Test

Facebook

There are many ways for a site to get compromised however most are the same result, hackers either try to use your site to serve malicious files, or try to redirect your users to infected sites.

Here are some things that are common that hackers do that you should look our for.

1. They will always try to leave behind a file or two as aback door into your system, it's a good idea to understand what files are good files and what files are bad. To do this you can compare the file set of your site to a fresh file set from a download. 

2. Look for files with odd or random .php extensions, here are some examples, these are not exact names, but examples of a typical naming structure, they will either be short and sweet like sh.php or a random string followed my .php

zx.php
sh.php
123482379874hjsdf8734.php
dsfjklsadjfklasdjfklads.php
ipbfirewall.php

When inspecting any files and you see any reference to ipbfirewall, this is not a real product or item, it's bad code left behind made to look like it belongs, so you can safely delete it.

Example of IPB_Firewall code that IS NOT FROM IPS

if ( ! defined( 'IPB_FIREWALL' ) )
{
    define('IPB_FIREWALL', 1);

    /**
     *  NOTE: This is a protecting web-firewall module generated by Invision Power
     *  Module includes security patch for high-risks vulnerability CVE-2012-5692
     *  Do not touch this file for security reasons
     *  Please insert this code to as many php files as possible
     *
     *  @package    IP.Firewall
     *  @version    $Revision: 9544 $
     *  @md5        e66e6cadd6e13efea54ed50c0eb2d32b
     *  @sha1       6966286d64352840245f5b2248545450
     *  @crc32      5f51554f5445225d293d3d2463732965
     */

These are most commonly placed in the root directory, /cache, /public /uploads or other areas.

3. Another thing to look for are odd folder names, you can again compare your folder structure from a fresh download of files to compare them, they will often create odd names directories or try to mimic an existing name as well. 

Here is what a standard folder/file structure looks like for the forum directory



Here is what a typical /cache folder looks like as well



4. If you see any odd files in those folders that do not belong, odds are they do not belong there, you can open the file to inspect the code as well to see if it looks like a legit file or not. Keep in mind if you have third party add ons or other apps installed, these can often also require other files. 

5. After you have cleaned up any bad files, the next step is a fresh file upload of the board and all apps that you have installed. You can download these from the client area, upload them via FTP, making sure to over write any and all existing files.

6. After that is done, log into your admincp, and you will see a "Furl cache out of date error" please click the option to "Rebuild Furl Cache" to correct that error. This is normal and due to the new files that were just uploaded.

7. Rebuilding HTML & CSS and Recaching your skins. Often times there will be an infection deep inside of your templates or code left behind, this is done via a direct file edit to your skin files, rebuilding and recaching will often clear this out. 

To do this select "Look & Feel" from the tabs, then select "Manage Skins and Languages" Then on the left side you want to select "Template Tools




You will then see an option to Rebuild Master Skin Data, select HTML & CSS from this and also all of your apps as below.




After that is completed, then select the Template tools again and now at the top select "Re-Cache Skin Set's"




8. Often times a offender will also dig into your language files and infect them as well, to correct this, select "Look & Feel" > Manage Languages, on the language pack effected, select the drop down menu to the right and then "Rebuild from XML" This will rebuild your language files for you. If you are using a third party or custom language file, please re-import the language pack to correct any issues.



9. Another common issue that I have seen is offenders modifying your .htaccess, conf_global.php, initdata.phpor index.php files and adding extra code to them for re-directs or other purposes, please inspect all of your .htaccess index.php and conf_global.php files for proper code. Over writing the new file set for the board files will correct the index.php and initdata.php files, however not the .htaccess or conf_global.php

10. The last thing you want to make sure of is that you have changed all of your admins passwords on your forum, your FTP access details, and any control panel access as well. In most cases I even recommend updating your mysql database password too. See your host for details on that if you are not sure how to update the mysql password.

11. Reimporting your hooks is another item that should be done as well, from the admincp > manage hooks > re-import all hooks

12. The last step is to run the tools from the system security area Admincp > System > System > Security Center

Welcome to IPS Hosting, here is a quick guide that will outline the conversion process on our hosting.

1. First check to see if your current platform is supported by our converter application

2. Next turn your existing community offline, then prepare a mysqldump (backup) of your existing community's database. Then copy any images or attachments that are not stored in the database on your existing software. This is normally any attachments, smilies, user profile images etc.

3. Locate your IPS Cloud Hosting FTP information and upload the database and any files needed from the old community to your hosted account, it's best to create a new folder in your home directory named something like /oldsite etc for ease of locating these items later during the conversion process. For more information about using FTP, please see this video tutorial we made.

4. After the items are uploaded, please file a support ticket in our hosting department, stating you are converting from another community, and that you have followed this guide and uploaded your items.

5. We will then import your database to your existing database here on IPS Hosting, ensuring that it's using a table prefix. We will also provide you with this prefix as you will need it in the first step of the conversion process.

6. Now you can download and install the converter application to your hosted community. The process is the same as any app install; Download the file from the marketplace, then unzip this on your computer, then upload the contents of the "upload" folder to your "public_html" folder (default IPS install location) Then proceed to your admincp > manage applications > then on the right side you will see the converter app and an "install" link, select the "install link" to install the app.

7. Now you can begin your conversion. To do so, go to admincp > other apps > converters > start new conversion > select the software you are converting from and you will see a screen asking for your database details. Most of this information will be pre-filled, but not all. You can locate your current database information via FTP in the file of public_html/conf_global.php. You will also need to ensure you enter the prefix we provide to you in this step. This will tell the converter app to use your database here, but use the tables with the prefix that are from your old software.

8. At this point you will see a list of items that you will be converting, you will see some source rows and local row information, this is the data from your old community (source) and your IPS install (local)

9. It's very important that you start at the top of the list, and process each step in order, do not skip any steps or it will break the conversion and corrupt the data, if you need to re-run any of these steps, you must re-run each item below it also. (This is very important, and must be followed exactly.)

10. Once the conversion is done, you will be prompted to "finalize" the conversion. At this point the software will recount items, such as post counts, forum data and more. This must be completed or the forum data will be corrupt and show guest_usernames etc.

11. Once that has completed, as noted on the last step, you must set your forum permissions, to do this please go to your admincp > forums tab > then select the very top forum or category and select the drop down from the right hand side of the screen, then select permissions. Set each member group's permissions for that category or forum you are editing, then select "save and next". At that point you can manually edit each forum, and will also have the option at the top of the screen to copy permissions from another forum. This will speed up the permission process if you have many forums that need the same permissions.

12. At this time you can browse to the front end of your community and login, you should review your site for any issues from the conversion. If you see any issues that need attention, please reply to your existing support ticket with these items, ensure you provide an admincp username and password also so we can access the converted site.

13. Once the conversion is completed, you must reply to the conversion ticket in hosting and let us know you are finished, at this time we will ensure we remove the old database tables from your imported data, and the files on the /oldsite, this will ensure you are not using valuable disk space on your community and keep things clean.

When you renew your license all applications on it will be renewed. The renewal fee will be the total of the applications on it. If you no longer wish to use any particular application you can deactivate it and your renewal fee will be updated accordingly.

You can deactivate and reactivate applications through the client area without contacting account assistance.

About Deactivations

Keeping your license active entitles you to technical support and downloads for the applications on your license. In addition, an active license with at least one application entitles you to a number of IPS Extras including:

• The Spam Monitoring Service
• The Visual Skin Editor
• The IPS Marketplace
• A free IP.Chat room with a 5 user limit

Deactivating an application

You can deactivate any individual application. When this is done, you will immediately lose access to technical support and downloads for that application.
You must also have at least one application active in order to receive the extras mentioned above.

After an application has been deactivated, the renewal term for the license or hosting account it is associated with will be immediately adjusted.

You can reactivate it at any time, however you will need to pay the reactivation fee for the application in order to catch up with your license or hosting account.
For example, if you have IP.Gallery (renewal term $10 per 6 months) and you decide to deactivate it, the renewal fee for your license will immediately decrease by $10 per 6 months when you do so. If you decide to reactivate it later, you will need to pay a reactivation fee of $10.

See below for instructions how to deactivate.

Cancelling your entire license

If you decide that you do not want to renew your license at all, you can cancel the entire license. When you cancel your entire license, it is the same as deactivating each application on it individually. You will immediately loose access to technical support, downloads and the IPS Extras described above. In order to reactivate, you will need to pay the reactivation fee for each application.

See below for instructions how to cancel.

Cancelling your hosting account

If you have a hosting account and decide to cancel it, it will remain active until it's expiry date, at which point it will expire and no renewal invoice will be sent to you.

You can reactivate it within 30 days of the expiration by renewing as normal. After 30 days, the account will be deleted from the server and will not be possible to recover.

See below for instructions how to cancel.

How to Deactivate

1. Go to Purchases area in the client area. You will see a list of all your purchases:

2. Click on the license which contains the application you wish to deactivate.

3. To cancel the entire license or hosting, click the "Cancel" button.
 
Or to deactivate applications, click the "Manage Your Community" tab, and click the "Deactivate" link next to the application you would like to deactivate:

4. You will see an information screen explaining the implications of deactivating that particular purchase. Click the "Deactivate" button again to confirm.

Reactivations

1. Go to Purchases area in the client area. You will see a list of all your purchases:

2. Click on the license which contains the application you wish to reactivate.

3. Click the "Manage Your Community" tab, and click the "Reactivate" link next to the application you would like to reactivate:

4. You will be taken to the payment screen to pay the reactivation fee.

From time to time you may want to change your licensed URL. This guide shows you how.

To change your licensed URL, please visit your Client Area, and click the Purchases tab. From this page you are able to manage your licenses.

Select the license which you wish to edit, and on the next screen you will see all of the details of your license. Next to your licensed URL you should see a link which says "Change". Click this to change your license.

Your licensed URL will now be reset, and you will see the following notice:

You should now visit your AdminCP on your new URL, navigate to the System tab, and select License Key under Tools & Settings. On this page, enter your license key (or click reload if your license key is already entered), and this will re-set your licensed domain. (Read More Here)

Our IPS Cloud communities have a specific setup needed to apply your own domain or sub domain to your community. Below is an outline of each method.

1. Use your own www.domain.com on your IPS Community in the Cloud.

(NOTE: This option would be used when you are using your domain only for your IPS Community in the Cloud; If you are using another software for a Home Page with another hosting provider, then use the Sub Domain method below)

a. Set your Name Servers for your domain to use our Name Servers of NS1.IPSLINK.COM and NS2.IPSLINK.COM

b. Once that is completed, submit a ticket to our hosting department with the name of your domain, stating that you have updated your name servers to ours. We will test this and then apply this to your community for you.

c. If you use email on this domain, please note that we do not offer email services, so if needed, please provide your own MX Records for your domain, and we will update them to point your email to your own mail provider.

d. Please note we do not allow additional A Records or other edits to your DNS when using our Name Servers. If this is something you need to retain access to, please use the sub domain method below.





2. Use a Sub Domain for your IPS Community in the Cloud, an example of this would be forums.domain.com

(NOTE: This option would need to be used when you DO have an existing site at your domain and want to preserve that site and its contents.)

a. Please create a CNAME for "forums" (or the prefix word of your choice; community, board, etc.) pointing to the URL you setup when you purchased the Hosted Package, e.g. mysite.ipbhost.com. It would look like the following example in this case.

forums CNAME IN mysite.ipbhost.com

-or-

forums 14400 IN CNAME mysite.ipbhost.com.

(Note the trailing period after the .com as
it's required in some host control panels such as WHM/cPanel.)

b. Once the CNAME is setup, please file a ticket in our hosting department, providing the sub domain you want to use, and let us know that the CNAME has been setup properly. We will test this and apply the sub domain to your community for you.






If you do not own your own domain currently, you can purchase one from us here onwww.invisiondomains.com if you purchase from us, there is no need to set your name servers, simply file a ticket in our Hosting Department and provide the domain name, and that you purchased from us, and we will apply this to your community.



Note* We do not allow any A Records, as our Community in the Cloud IP's can change at anytime.

You can test your name servers of your domain here http://intodns.com/

You can test your CNAME after setup here https://www.whatsmydns.net/

Updated to pre-release 4.1.9  

https://www.lorextechnology.com/hd-dvr-security-system/powerful-hd-1080p-home-security-system-with-2-ptz-cameras/MPX1612D2ZW-1-p

On 2/5/2016 at 10:15 PM, Admin said:

http://www.bast-enterprises.de/images/Fallout4/Workshop/Power.svg

 

test

http://www.bast-enterprises.de/images/Fallout4/Workshop/Power.svg