Server possibly hacked [SOLVED]

[johu]

Hi,

I got a notification today that there is malicious actvitiy on the server. So I might have to shut it down for a while until we found the problem.

Johannes

[johu]

We have hardened the firewall and I upgraded Forum and Shop software to the newest version. Please speak up if something is not working.

[dima]

Hmm there are a few plug-ins that need updating I was going to do it but my SFTP access not working anymore.

sftp_error.png (6.93 KiB) Viewed 1409 times

[johu]

Had to temporarily disable the mediaembed plugin because it caused some error:

Code: Select all

2019/07/29 09:23:41 [error] 21475#21475: *129955 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught TypeError: Argument 6 passed to phpbb\mediaembed\event\main_listener::__construct() must be an instance of phpbb\mediaembed\collection\customsitescollection, none given, called in /forum/cache/production/container_4335734bbdd20f586549a504dff5f80c.php on line 3142 and defined in /forum/ext/phpbb/mediaembed/event/main_listener.php:78
Stack trace:
#0 /forum/cache/production/container_4335734bbdd20f586549a504dff5f80c.php(3142): phpbb\mediaembed\event\main_listener->__construct(Object(phpbb\auth\auth), Object(phpbb\config\db), Object(phpbb\config\db_text), Object(phpbb\language\language), Object(phpbb\template\twig\twig))
#1 /forum/vendor/symfony/dependency-injection/Container.php(295): phpbb_cache_container->getPhpbb_Mediaembed_ListenerService()
#2 /forum/vendor/symfony/dependency-injection/ContainerBui" while reading response header from upstream, client: 212.101.57.99, server: openinverter.org, request: "POST /forum/posting.php?mode=reply&f=2&t=207 HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "openinverter.org", referrer: "https://openinverter.org/forum/viewtopic.php?f=2&t=207&start=10"

[johu]

Test post

[johu]

Seems like it's working again

[johu]

Sorry about the trouble, made a mistake when upgrading the mediaembed plugin and you couldn't post. Seems fixed now.