Tweet
A search here did not find any posts on this topic. I hope this is the right place for this subject.
I am using the SMF message board software, and first noticed some 10 new registration requests in one week. The user names and e-mail addresses caused me to investigate. The SMF web site confirmed auto generated users were applying to many SMF sites and some sites had already been hacked. I noted this comes after two of spamers and criminals favorite servers had been taken down.
I have taken pre-emptive action by replacing my current passwords with stronger passwords and deleting the questionable new users. Did I miss something? ResellersPanel's servers do NOT allow "special characters" in passwords? If so I am astonished. Every article on website security I have ever read advises strong passwords be made op of upper and lower case letters, numbers, and special characters. The addition of special characters to a password means hackers attempting to crack a password would need a week or two to try every possible combination of some 90 characters. Its not worth it, seeing how there are so many easy targets available.
My initial reason to post here is to offer a warning to others and to possibly give a heads up to our server techs to be watching for hacking attempts. These attacks are still to new to know just how they are breaking in, whether through the web site or the server.
I am using the SMF message board software, and first noticed some 10 new registration requests in one week. The user names and e-mail addresses caused me to investigate. The SMF web site confirmed auto generated users were applying to many SMF sites and some sites had already been hacked. I noted this comes after two of spamers and criminals favorite servers had been taken down.
I have taken pre-emptive action by replacing my current passwords with stronger passwords and deleting the questionable new users. Did I miss something? ResellersPanel's servers do NOT allow "special characters" in passwords? If so I am astonished. Every article on website security I have ever read advises strong passwords be made op of upper and lower case letters, numbers, and special characters. The addition of special characters to a password means hackers attempting to crack a password would need a week or two to try every possible combination of some 90 characters. Its not worth it, seeing how there are so many easy targets available.
My initial reason to post here is to offer a warning to others and to possibly give a heads up to our server techs to be watching for hacking attempts. These attacks are still to new to know just how they are breaking in, whether through the web site or the server.
Comment