Anyway, you want to know what happened. I got an email from the webhost:
Sehr geehrte Damen und Herren,
Anbei eine E-Mail, welche wir bezüglich Ihrer Domain koratfart.com erhalten haben, es besteht dort scheinbar ein Sicherheitsrisiko.
Ich hoffe, dass Ihnen dies weiterhelfen konnte und wünsche Ihnen einen schönen und stressfreien Tag.
With kind regards
Your Pascal Wolz
webgo Abuse - Team
16.06.2017 20:40 - Hanno Boeck schrieb:
> Dear sir or madam,
> I wanted to inform you about a security issue with your web servers.
> It is possible to download backup files of PHP scripts from your web server.
> Depending on what these scripts do they could contain sensitive
> information like passwords. In any case: It is almost certainly
> unintended and you should remove those files.
> I have attached a list of affected IPs and URLs below.
> If you are not directly responsible and these are on your customers
> hosts please forward this message to your customers.
> Yours faithfully,
> Hanno Boeck, https://hboeck.de/
> List of affected URLs:
> IP 188.8.131.52 URL http://koratfart.com/index.php~ IP 184.108.40.206
So I had a look at our software. The guy is right; there is a display of information about the settings, though no sensitive or even private info at all. All SMF forums have that file index.php~ openly accessible, even the local one with the dash. Or SMF's own forum.
While I was looking at things, trying to find a clue, I noticed there was an update on the forum software from 2.0.13 to 2.0.14. Ok, ran the test, all ok! So, I started the update. Completed successfully, it said. The forum still worked. About two hours later I tried to open the forum to check for new posts. Well, then I got the blank page.
Now I can spin a lot of theories, what might have gone wrong and when. Probably my more not than working TOT connection just failed when the software was updating. Or there could be something to that email from the webhost and it got hacked. I don't know! I had problems like this before and could always solve it with the help of other people on SMF's forum. But the question remains, whether it is worth, recovering KoratFart forum, as the posting participation was quite low. The reading was extremely well: we got an average of 900 - 1000 unique visitors per day.
The question is, to hang on to that forum or make a new one at http://koratforum.com, or just move to the English section here. The forum setup on koratforum.com I installed a long time ago for testing the phpBB3.1 software. now it would need a lot of updates etc.
I'll keep you informed!