Softaculous

Topic : data breach or giving out information


Posted By: aahepp on March 20, 2018, 11:03 am
Either you all have a data breach or flat out giving out information.  I have a site that has never had any real traffic and only used for a small group of individuals.  As soon as I installed PHP Forum from here (it has now been deleted), you now see attempts from foreign IPs directly to the folder it were it was installed at (which was a few layers down from the main site with.

The site now receives about 25-50 attempts a day to the exact folder it was installed in, tells me either A) you all have a data breach, or B) just giving or selling out the data.

If its A) then you all may want to look at where you all have a gap, if B) and it may be in there as no one ever reads them, put it in the disclaimer that you all will be giving out that information.

Posted By: aahepp on March 20, 2018, 11:11 am | Post: 1
Since typing that first message.  As you see their attempt is directly to where it was installed

119.81.6.196  /apps/forum/profile.php?id=45
103.228.119.129 /apps/forum/
66.102.6.96 /apps/forum/
47.153.146.56 /apps/forum/

Posted By: Brijesh on March 22, 2018, 12:16 pm | Post: 2
Hi,

Sorry to hear about this.

We never give out any data about our users to anyone.

It could be possible someone might have written scanners for PHP Forum script. If you try to install any other script you should not face this issue.

In case you face this issue with other scripts as well do open a support ticket with us and we will definitely investigate this further :
https://www.softaculous.com/support/

Also we will try installing PHP Forum on our servers and see if we can replicate the access attempts on our servers.

-----------------------
Webuzo - Multi User Hosting Control Panel
AMPPS - Best WordPress/PHP/MySQL development tool

Posted By: aahepp on March 30, 2018, 9:38 pm | Post: 3
Installed Joomla and WordPress as tests, and got the same results.  Direct attempts to the folders they were installed to

66.70.240.168    /blog/administrator/index.php (WordPress Installation)
66.70.240.168    /joomla/robots.txt (Joomla Installation)

Posted By: Brijesh on March 31, 2018, 5:33 am | Post: 4
Hi,

Thank you for sharing the details.

In order to investigate this we need to make one more test. Can you make a new test installation on another cPanel account on the same server and check if you face the same issue there ?

I have also replied to your support ticket and we can discuss this in detail over the support ticket.

-----------------------
Webuzo - Multi User Hosting Control Panel
AMPPS - Best WordPress/PHP/MySQL development tool

Powered By AEF 1.0.8 © 2007-2008 Electron Inc.