Topic: Backup?

Hi kind people :-)

It's already 2nd time when WHOLE MYSQL database has been erased or because of the server-side bug got lost. I contacted my hosting and they are convincing me that there were no MYSQL Server problems, all other users and their databases are ok. I didn't really checked whether whole DB was erased or only records... There are also one dirty competitor... First fall has was in the same day when somebody got password and changed redirect on another web-site belonging to the same suffered web-master. It seems to me that somebody is doing this especially.

Ok, now it's good to guess which exploit he/she uses and back up data and user information in the future.

Are there some known exploits?
Are there some work arounds / ideas regarding backuping? (Maybe with native means / commands of MYSQL?)

Thanks in advance!

Re: Backup?

There are no known exploits in PunBB 1.0.1. There is an exploit in 1.0, but I'm guessing you are already running 1.0.1. I very much doubt there is an unknown SQL injection exploit in PunBB that would allow an outsider to erase the full contents of the database. It almost impossible using MySQL since it only allows one query per call to mysql_query(). So, I believe we can almost ignore that possibility.

Are you absolutely sure it isn't just someone that has gotten hold of the password you use to administrate your database? Do you have a really easy-to-guess password? Do you change it frequently? Do you have the same password in the forums as you do in your database management utility?

To give you some advice regarding backup I need a little more info on what kind of host you are using. Do you have telnet/SSH access? Is the server running UNIX or Windows? Do you have access to phpMyAdmin? Can you setup scheduled tasks somehow?

"Programming is like sex: one mistake and you have to support it for the rest of your life."