MyBB Central

Full Version: MyBB Exploit Redirects
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Me and my friends and most likely other forums' have been redirecting to MeatSpin. How do I get rid of this?
Did you check your htaccess?

What plugins do you have installed, and do you and your friend run on the same server, or host?
I bought the domain for him he has a totally different host. And I only have RedTube MyBB, YouTube (I think), Username History, Tabs, and I think that's it.
Did you check your htaccess though?
Options -MultiViews +FollowSymlinks -Indexes

# If mod_security is enabled, attempt to disable it.
# - Note, this will work on the majority of hosts but on
#   MediaTemple, it is known to cause random Internal Server
#   errors. For MediaTemple, please remove the block below
<IfModule mod_security.c>
    # Turn off mod_security filtering.
    SecFilterEngine Off

    # The below probably isn't needed, but better safe than sorry.
    SecFilterScanPOST Off

# MyBB "search engine friendly" URL rewrites
# - Note, for these to work with MyBB please make sure you have
#   the setting enabled in the Admin CP and you have this file
#   named .htaccess
<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteRule ^forum-([0-9]+)\.html$ forumdisplay.php?fid=$1 [L,QSA]
    RewriteRule ^forum-([0-9]+)-page-([0-9]+)\.html$ forumdisplay.php?fid=$1&page=$2 [L,QSA]

    RewriteRule ^thread-([0-9]+)\.html$ showthread.php?tid=$1 [L,QSA]
    RewriteRule ^thread-([0-9]+)-page-([0-9]+)\.html$ showthread.php?tid=$1&page=$2 [L,QSA]
    RewriteRule ^thread-([0-9]+)-lastpost\.html$ showthread.php?tid=$1&action=lastpost [L,QSA]
    RewriteRule ^thread-([0-9]+)-nextnewest\.html$ showthread.php?tid=$1&action=nextnewest [L,QSA]
    RewriteRule ^thread-([0-9]+)-nextoldest\.html$ showthread.php?tid=$1&action=nextoldest [L,QSA]
    RewriteRule ^thread-([0-9]+)-newpost\.html$ showthread.php?tid=$1&action=newpost [L,QSA]
    RewriteRule ^thread-([0-9]+)-post-([0-9]+)\.html$ showthread.php?tid=$1&pid=$2 [L,QSA]

    RewriteRule ^post-([0-9]+)\.html$ showthread.php?pid=$1 [L,QSA]

    RewriteRule ^announcement-([0-9]+)\.html$ announcements.php?aid=$1 [L,QSA]

    RewriteRule ^user-([0-9]+)\.html$ member.php?action=profile&uid=$1 [L,QSA]

    RewriteRule ^calendar-([0-9]+)\.html$ calendar.php?calendar=$1 [L,QSA]
    RewriteRule ^calendar-([0-9]+)-year-([0-9]+)\.html$ calendar.php?action=yearview&calendar=$1&year=$2 [L,QSA]
    RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ calendar.php?calendar=$1&year=$2&month=$3 [L,QSA]
    RewriteRule ^calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4 [L,QSA]
    RewriteRule ^calendar-([0-9]+)-week-(n?[0-9]+)\.html$ calendar.php?action=weekview&calendar=$1&week=$2 [L,QSA]

    RewriteRule ^event-([0-9]+)\.html$ calendar.php?action=event&eid=$1 [L,QSA]

    <IfModule mod_env.c>
        SetEnv SEO_SUPPORT 1

# If Apache is compiled with built in mod_deflade/GZIP support
# then GZIP Javascript, CSS, HTML and XML so they're sent to
# the client faster.
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE application/x-javascript text/css text/html text/xml
In the admin cp do a template search for meatspin, to see if a plugin added a redirect into it.
I can get into the CP at all either.
Probably happened cuz you doxxed HF members. I guess that doesn't go over well with some people.
I can't dox for shit. I know Far did and I saw his lists. That's it. Lin comes in and says his forum is hacked and my friends earlier said my forum was redirecting to MeatSpin. So I don't know.
Alright I think the redirects are gone for now.
Pages: 1 2