Ok guys, I am not sure whether this title would be perfect for the post or not but yes, it is related to spammers and it is related to vBulletin.
Today, few hours back, while I was working, I got few mailer daemon messages with bounced back email details. Found, a user sending out spam messages. I just went to the forum and banned that user.
Now, when I checked the number of online users, I got quite shocking figure of around 75 members, it soon increased to 100+ members within few seconds. This was kind of shocking considering there was nothing important on the site around this period.
After checking few things, I found that all the users were actually sending out personal messages and the bounced message was one of them. (Soon more bounced mails started flowing in)
So, the first question came in my mind was “Is it a Hack?” To be frank, I panicked for sometime as I was in middle of some important work and this thing came up.
I quickly, made the forum offline to avoid more spam messages and secondly, I disabled PM option for all the users. (Usergroups – Usergroup Manager – Select the usergroup and edit – Set PM limit to 0)
Okay, after this, I opened a support ticket in vBulletin member’s area and started digging out their forums to get more info over it.
So what did I find..?
Well, for last couple of month, there is some spam bot (script) playing around vBulletin based forums, checking the usernames for weak passwords (mainly the users with password same as the username) and then the spam bot logs in using those weak users and sends out spam personal messages.
By default in vbulletin there is no option to check for weak passwords, so first you need to jump to vbulletin.org forums and download this plugin called: Password Security Tools and install it.
This plugin will check for existing usernames with weak passwords (Incl. the ones with password same as username), reset their password to a random string and email them the new login details. And this plugin also prevents new registration with the weak password too.
So, moral of the story is.. if you see something like this in your forum, do not panic, install this plugin and clean up the mess. But make sure you have shut down the forum before doing anything.
Yesterday, I upgraded WordPress to latest version and also moved to the new server. But after that I don’t know something went wrong with the blog and it started throwing blank pages on random basis.
The blog starts working fine when I restart apache and change the theme to classic (No default wordpress theme also doesn’t work) and then change it back again to my custom theme.
Pretty strange error.. I had plans to watch Shaurya in the afternoon but I guess I will have to fix this issue first..
Do let me know at deep at whoisdeep dot com if you are getting any strange errors on the blog..
Update: Just found that the issue is with Apache installation, some conflict between Apache and PHP modules. I have asked the tech support to reinstall Apache. I guess that should happen in couple of hours.
I have been with Resellerzoom (RZ) for more than a year and I am proud to be one of their many satisfied customers.
I currently hold 2 reseller accounts with them (1 for Linux and 1 for Windows) and the servers and support have been quite impressive.
I know there have been some downtimes and some mail related issues lately but that’s part of the package as it’s not possible to provide 100% uptime.
What I liked most about RZ, is their support.. very quick and very friendly.. (Trust me.. very friendly).. There have been many instances where their friendly support has helped me to tackle the issues quickly. Be it with overusage of the resources or with the migration of any site.
Yesterday, I was moving a site on RZ server, I had to move gunzip file of around 1GB from other server to RZ server.. my download (wget) process was getting killed automatically due to server restrictions, I mailed support to have a check and download the file for me, if possible.. got reply promptly from them and within couple of hours, my file was moved to RZ server…
Today, the same site was causing issues on the server, so they had to disable the site. Now, I wanted to move the site to high-end server (some other hosting company). Again, I faced the same problem of my process getting killed automatically, Dylan from support came to the rescue again. (Like always, Andrew from Abuse department helped me to figure out the issues.) Currently he is compressing the 1 GIG data, so that I can put it on the new server.
The purpose of mentioning these 2 issues is to mention that, no matter what the situation is, if you are migrating the site to their server or moving to other server provider, they will try their best to help you out and that is what I call SUPPORT. I am pretty impressed with them and I am sure they will never let me down. 
If you are looking for a reseller account, I would strongly recommend Resellerzoom.
I know, this must be dream for many of Paypal users (Like me).. now, Paypal allows you to transfer funds directly to your bank account, no need to wait for their DD to arrive… this whole process takes just 5-7 days and the best part is, if the funds are Rs. 7,000 and above, there is no transfer fee. (Otherwise it’s Rs. 50)
Thanks Venkat for the info
I just had a really good lesson in domain name buying, I had decided on one domain name in the morning, it was a very short and cool domain name. In the morning it was available, I thought I will buy it in the evening (Once I am back from the meeting) and now this laziness is costing me very much..
The domain got registered in the afternoon and in short, I could not get it…
So, if you come up with an idea of some domain name, just buy it quickly.. don’t be lazy like me.. I guess John will also agree with me on this one.. (We both have had very good experiences in this)
