To make a long story short, me and my boyfriend play games online and we have a clan and we purchased a domain here. A former clanmate has taken my sight down 2 times and we got it back up, got into my bluehost account once and changed my password. And this time he just got into our site/forums again and banned our IP and changed our passwords. I can't get my password sent to my email, it just says someone attempted to reset password in my email. Is there anyway to get it back and get unbanned without doing a backup? I am new to all this and I don't really know how to use the control panel well, I had someone else set my site up for me and then I changed my password. Thanks!

You need to contact support via the website. Never give out your account details, I'm guessing if you contact Bluehost support they will ask for some of the original details that you got from your first payment (Any account numbers or such, if they are not on the cpanel).

You were not hacked, hacking is very different, so is cracking, you gave out your password.

Also I'm not sure if you have to put any more details in to use your credit or debit card with Bluehost services, it also contains your address, name, phone numbers... You shouldn't have given your account details out at all, anything could happen off them, including fraud.

In basic, contact support immediately.

http://helpdesk.bluehost.com/help

Use open ticket, they usually reply within minutes.

You need to contact support via the website. Never give out your account details, I'm guessing if you contact Bluehost support they will ask for some of the original details that you got from your first payment (Any account numbers or such, if they are not on the cpanel).

You were not hacked, hacking is very different, so is cracking, you gave out your password.


I did contact bluehost already. They can't find out the password for the site. :( So I will probably end up doing a back up. But, no, nobody has/had my new password. When the problems started with the former team mate, I changed my passwords before he knew we were kicking him off the team.

Never trust anyone unless you know them in real life, don't trust anyone online with your details. They do know your password unless its encrypted and they can still change it.

If you have changed your password, what exactly is the problem?

Well I changed my passwords after the first time he took my site down, and I blocked him and his IP. But now I can't get into my website at all again. I can get into bluehost control panel, nothing has happened to that account. Someone told me to use some proxy site thing, and I can get to the site that way only cause it hides my IP or whatever. I just can't login cause it says wrong password, same with my boyfriends, same IP etc. So, somehow someone got into our site and banned me and changed my password. And nobody has admin rights on my site. I don't know whats going on. Same thing with my game servers. (another long story lol) The person who was in our clan was very computer smart. So, I guess I can't really do anything except do another backup and lose all recent info again. lol Believe me I am never trusting anyone I don't again. LOL

Lets see if I understand this, you have one member who has some how banned your IP and you cannot get into your forum, you say he has no admin rights on the forum, and your control panel is secure, when you use a proxy server you are able to access your site?.

I assume when you setup the forum the option to to ban a account for so many failed attempts to log on was left in place, if that is the case all he needs to do is log on under your name or your boyfriends and enter the wrong password a couple of times, your account is then banned (locked) for how ever long it was set to, he could just run a script that tries to log on every hour, and your account will stay locked. :eek:

Well I changed my passwords after the first time he took my site down, and I blocked him and his IP. But now I can't get into my website at all again. I can get into bluehost control panel, nothing has happened to that account. Someone told me to use some proxy site thing, and I can get to the site that way only cause it hides my IP or whatever. I just can't login cause it says wrong password, same with my boyfriends, same IP etc. So, somehow someone got into our site and banned me and changed my password. And nobody has admin rights on my site. I don't know whats going on. Same thing with my game servers. (another long story lol) The person who was in our clan was very computer smart. So, I guess I can't really do anything except do another backup and lose all recent info again. lol Believe me I am never trusting anyone I don't again. LOL

You gave him forum admin aswell then? That meant he could see your IPs (Unless he looked at the last IP logged in from function), if he was computer smart make sure you scan your computer.

I don't see how he could deny your IP unless its something on the site or something in the control panel. Have a look in IP deny manager, other than that do you use a router?

Blocking IPs does nothing, you can always avoid IP bans. If you do have a router turn it off for about 10 minutes and then turn it back on again, it will reset all IPs your computer uses. If you don't use a router search for a way how to reset your IP. Using a proxy is a way but you shouldn't have to use a proxy to access your own site.

I assume that you still have cpanel password and are able to access cpanel.

For forum password, normally, it's hashed and stored in DB (at least for phpBB forum :D)
What you can do is to think of a new password, encrypt it using the same hashing method (MD5 or SHA). Then go to DB (using mysql admin in cpanel), look for hashed password, modify it with your new hashed password.

And in DB tables, you can mess around to unban your IP.

Everything from forums is in DB anyway. In theory, I think this should work.

If it is too technically difficult, I think you may only need to restored "password table" only, you don't need to restore everything (which lead to losing posts).

BTW, noone, even system admin (Bluehost) will know your password as it's hashed already.

If you have a backup of your forum DB (through phpMySql admin), it's even simpler.
Look for your "hashed password" for admin in your DB backup.
Then set the current hashed password to the old "hashed password".
Done. You should be able to use old password to login (if you could disable/avoid IP ban

Go to phpbb.com and download the "Admin ToolKit" ... if you don't already have it it is very simple and will let you create a new admin account either by fixing your account(s) or by promoting a new account to admin status.

You should also check to make sure that this is not already installed ... if it is you need to delete it first. However, "if" it is already installed this is probably how the guy was messing with you.

Good Luck! :)

I would say your ex-buddy installed a key logger on your computer :) You better check your bank accounts if you use online banking.

I would say your ex-buddy installed a key logger on your computer :) You better check your bank accounts if you use online banking.

loo... naughty boy.
i try those stealth keylogger before, they really freak me. everything is logged at the backend.

Go to phpbb.com and download the "Admin ToolKit" ...

Do this, it's the best help offered in this thread!