viragotech
7-3-07, 02:35 PM
Just like clock work, I think, assume

Well powweb staff finally gave a decent answer to why all of a sudden my site is slow.
They said someone is exploiting a cgi flaw in phpBB.

Last year during May of '06 this stuff happened too.
Though all they did was deface some pages.

This year it started in June.

Both times there was mass confusion and many many powweb customers were having problems too.

Like the roving gang comes n visits powweb every spring and attacks the main account.

Why do I think that?

I have 3 of the same forums running.
Only the main one has ever been attacked.

If you are getting bad slowness from your forum ask powweb staff for detailed info on why.
I had to ask 3 times very sternly for them to explain in detail why I was all of a sudden using too many cgi connections and said I guess I'll hafta move my account if they don’t know.

“All the php script in /home/users/xxxx/xxx/pow.xxxxxxx/htdocs/phpBB directory got exploited. It seems that you are using an old copy of phpbb. Could you please upgrade the phpBB for your account?”

Though I dunno how every single file could have been attacked but at least we're getting somewhere.

There is a pattern here though. Since the sale of powweb every spring the hackers visit.

phlembol
7-3-07, 02:49 PM
I thought you had written us a poem there for a minute.

If you don't keep your apps updated, they will find you wherever you are. There are people that go out searching for security gaps to exploit as soon as the issues are discovered. It's a race to plug the holes before the rats get in.

And as has been pointed out many times, old apps generally use more resources. Shared resources in this case.

viragotech
7-3-07, 04:10 PM
But it's never just me. When it happens everyone else has problems.

If I was the lone website with bad slowness it wouldn't be that big of a deal but it's like they target everyone they can on the same hosting at once to muck it up for all.

If they were smart they would attack my other 2 forums that never get used where it wouldn't be known.

But whatever it is they are doing is directly to target the main accounts n cause massive slowness server wide.

YvetteKuhns
7-3-07, 07:46 PM
All web hosts see hackers exploiting open source scripts.

phpBB is the most popular forum software, so it is a primary target for spammers and hackers. These tutorials show how to protect your forum. (http://www.easytutorials.org/phpbb_security.html)

Croc Hunter
7-4-07, 12:14 AM
The "hackers" simply run scripts that scour the net for old versions of phpBB, phpNuke etc etc. Unless you have a very heavily modified forum, updates are done easily. 2.0.22 has been available for 5 months. You can subscribe to phpBB and receive an email each time a new version is released.