Hey guys, Adrian here! Sorry about what’s happened - I’m very happy to accept any help from anyone here who can dedicate the time to babysit a migration of phpBB from its very old version (3.0.8, released sometime around 2010. It’s almost old enough to drink!) to a recent one that has the latest security fixes.
I’ve brought the board back up for now temporarily, with a few firewall rules in place to stop the one specific attack that I was facing – but given that whatever exploit was used is still unknown to me, it’s quite possible/likely that the script kiddies who found it the first time will do so again from a different botnet/IP and I’ll have to take it down again until a permanent solution is found.
Like I mentioned to Thomas, no data is lost and I do take regular backups. It’s just a matter of getting the software through the upgrade lifecycle of over a decade’s worth of phpBB releases.
If you have the requisite skills, please do e-mail me at adrian@apetre.sc and we can immediately get to work together. I can probably bumble through myself eventually, even if I have to write a custom SQL migration, but it’s time I just don’t have at the moment, and probably won’t have until October.
Anyway, here’s hoping the month-long downtime has thrown the original attacker off the scent enough for them to forget about us for now 