
View Full Version : phpBB2 *Hacked* - Missing Database Information - Please Help!
bizbla 08-06-2007, 03:09 PM Hello All,
I was hoping I could get some help. I woke up today and went to moderate our forum but have this error on the front page...
phpBB : Critical Error
Could not obtain ban information
DEBUG MODE
SQL Error : 1054 Unknown column 'ban_ip' in 'field list'
SELECT ban_ip, ban_userid, ban_email FROM phpbb_banlist WHERE ban_ip IN ('475239cd', '475239ff', '4752ffff', '47ffffff') OR ban_userid = -1
Line : 160
File : sessions.php
I looked in the database and sure enough there is nothing about 'ban_ip'.
Does anyone have the database structure for this version? I could really use the ban structure to fix this problem.
Any help is greatly appreciated.
Thank you,
Ben
Kohrar 08-06-2007, 03:39 PM Seems like the structure for the 'phpbb_banlist' table is:
CREATE TABLE [phpbb_banlist] (
[ban_id] [int] IDENTITY (1, 1) NOT NULL ,
[ban_userid] [int] NULL ,
[ban_ip] [char] (8) NULL ,
[ban_email] [varchar] (50) NULL
) ON [PRIMARY]
so, it seems like your table's missing the 'ban_ip' field for some reason :eek:
bizbla 08-06-2007, 03:49 PM Yea, the banlist got hacked.
Here are the results of trying to run your code above...
Error
SQL query:
CREATE TABLE [phpbb_banlist](
[ban_id][int]IDENTITY( 1, 1 ) NOT NULL ,
[ban_userid][int] NULL ,
[ban_ip][char]( 8 ) NULL ,
[ban_email][varchar]( 50 ) NULL
) ON [ PRIMARY ]
MySQL said:
#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[phpbb_banlist] (
[ban_id] [int] IDENTITY (1, 1) NOT NULL ,
[ban_userid] [in' at line 1
You wouldn't have another idea, would you?
bizbla 08-06-2007, 03:59 PM Ok I got the banlist table in but now the forum isn't showing anything. None of the posts or categories or anything. Everything is showing fine in the database but not in the forum.
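Added example, not part of the original thread: the definition posted above is SQL Server (T-SQL) syntax, which is why MySQL rejects it at the first `[`. Below is a MySQL rendering of the same four columns; the type mapping is a direct translation and an assumption, not phpBB's shipped MySQL schema file, and the value `'7f000001'` is a constructed sample.

```sql
-- Added illustration; not phpBB's own schema file. Column names and sizes come
-- from the T-SQL definition posted in the thread; the MySQL types are a direct
-- translation (an assumption), so compare them with the schema bundled with
-- your phpBB release before relying on this.

-- 1. Check whether the table still exists at all.
SHOW TABLES LIKE 'phpbb_banlist';

-- 2a. Table missing: recreate it.
--     [int] IDENTITY (1, 1) becomes INT NOT NULL AUTO_INCREMENT, and MySQL
--     requires an AUTO_INCREMENT column to be a key, hence the PRIMARY KEY.
--     ON [PRIMARY] is a SQL Server filegroup clause with no MySQL equivalent.
CREATE TABLE IF NOT EXISTS phpbb_banlist (
    ban_id     INT NOT NULL AUTO_INCREMENT,
    ban_userid INT NULL,
    ban_ip     CHAR(8) NULL,     -- eight hex characters, as in the failing query
    ban_email  VARCHAR(50) NULL,
    PRIMARY KEY (ban_id)
);

-- 2b. Table present but the column is gone: add only the missing column
--     (uncomment if SHOW COLUMNS below does not list ban_ip).
-- ALTER TABLE phpbb_banlist ADD COLUMN ban_ip CHAR(8) NULL AFTER ban_userid;

-- 3. Confirm every column that sessions.php selects is now present.
SHOW COLUMNS FROM phpbb_banlist;

-- 4. Re-run the shape of the statement from the error message.
--    An empty result set (instead of error 1054) means the lookup works again.
SELECT ban_ip, ban_userid, ban_email
FROM phpbb_banlist
WHERE ban_ip IN ('7f000001') OR ban_userid = -1;
```

Recreating the table only clears the 1054 error; the ban entries that were stored in it can only come back from a backup.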
Any ideas?
azizny 08-06-2007, 04:16 PM Keep your forum updated.
Peace,
bizbla 08-06-2007, 04:19 PM Keep your forum updated.
Peace,
Yea, this is totally my fault. I never really thought I would need a backup of a forum, live and learn I guess. :blush:
I have found out that the hacker also wiped out our users so I guess the only thing left for us to do is delete and start over :(
I know better next time.
I thought phpbb would be a lot more secure than this :mad:, oh well.
I think you can get better support from the team, and moreover I think there is no need to panic, as the forum is not hacked.
Moreover, why do people give such false titles before they find out what the problem is?
matt1206 08-06-2007, 10:28 PM Firstly, what version of phpBB are you using?
The current release has no known security exploits, so I'm guessing you were using an out of date version, which is why you got hacked.
portalplanet 08-06-2007, 10:42 PM phpbb is not secure by any means. It has many insecurities installed by default. You have to spend time securing it or more stuff like this or spam posts will happen. Do you have daily database backups? Maybe worse comes to worse you have a 7 day backup and they just hit three days ago so you can restore and secure your phpbb to four days ago..
matt1206 08-06-2007, 11:10 PM Just because spam bots can post, doesn't mean it's insecure. Yes, they are annoying.
Security wise, 2.0.22 has proved to be secure....as in....it's not been hacked yet.
It's not just phpBB which has issues with spam bots, most forum software has some sort of problem.
One mod from this thread: http://www.phpbb.com/community/viewtopic.php?f=1&t=427852 sorted out my spam bot issue.
Is spam a security threat?
No. While spammers may seem like they are breaking through your defenses, they actually don't do anything that a regular user couldn't do (register, post, etc). Spam is therefore not a vulnerability and should not be considered as such.
portalplanet 08-06-2007, 11:18 PM Nope but spam is the pits. I'm using "Better security captcha" from http://www.paulscripts.nl/ and it seems to be a good replacement for the built in captcha. The spam was my main complaint because I had an active and old (search engines had picked it up) and the spammers were hitting it hard. I had all registrations set to admin until I put this mod in; now it's open and I haven't had any spammers get through yet.
matt1206 08-06-2007, 11:28 PM Since I implemented this mod, I've had 0 spam bots sign up, where before I was getting 3-4 a day:
http://boonedocks.net/mike/archives/143-PHPBB-Anti-spam-Registration-Question.html
Burhan 08-07-2007, 02:49 AM No. While spammers may seem like they are breaking through your defenses, they actually don't do anything that a regular user couldn't do (register, post, etc). Spam is therefore not a vulnerability and should not be considered as such.
If your comments system allowed HTML or remote images, then this could be a possible way of trying XSS exploits. To say it is 'not a vulnerability' is a bit misguided. If a bot can add accounts without intervention, then initially you have the problem of database pollution; then, depending on what registered users can do, you are open to other exploits.
So, try using some sort of CAPTCHA to deter such attempts.
It's not just phpBB which has issues with spam bots, most forum software has some sort of problem.
and almost all portal/'blogware'-type products; some offer built-in protection (ie, CAPTCHA or email verification) others offer it by hooking into third party providers (like OpenID). Almost all have some plugin that prevents automated submissions.
JustinHoMi 08-07-2007, 04:03 PM phpBB is known for having frequent exploits. I'd definitely recommend installing mod_security to prevent this from happening again.
bizbla 08-08-2007, 03:16 PM Thanks everyone for your replies. I was unable to save the forum.
I have been thinking about switching to Simple Machines Forum. Any comments on that one?
HellFear 08-09-2007, 03:04 PM If you want to start your forum, I would highly recommend you to purchase vBulletin or IPB. These are the two best forum scripts on the web. They're also much more secure than PHPBB. I've seen a large amount of PHPBB boards hacked.. they're just insecure. They will always have vulnerabilities. It's not worth your time fixing them.
barry[CoffeeSprout] 08-10-2007, 04:43 PM Thanks everyone for your replies. I was unable to save the forum.
I have been thinking about switching to Simple Machines Forum. Any comments on that one?
I used to run a community that used phpBB for about 2 years and was never hacked (but was a pain to update manually every time they got out a new version)
Eventually we moved to SMF and made a bit of a clean start.
Nowadays I am no longer involved with that forum but I hear it is still running fine.
Anyways I guess I can give you the following advice..
-Install all the updates asap when they come out
-Don't mod your forums too much as it opens more vectors for hacking
-Backup, Backup Backup... daily if you can