Discussion Forums

Advanced Search

How to manually uninstall discussion forums & posts?

Permalink Browser Info Environment
My client's site is running concrete 5.41, and 1.5.7 of the discussion add-on.

My server was attacked over the weekend using the Discussion add-on. The site's database, when exported, ballooned to over 200mb. I'm guessing the attackers were doing some sort of massive auto post, possibly with attachments.

What I'd like to do is disable the discussion forums and delete all forum posts from the database... but I can't get the site to come up so I can login to Concrete5, probably because the database is so huge.

I'd like to manually uninstall the discussion add-on. What tables can I safely empty or drop to remove the discussion forums and all its posts?
Type: Discussion
Status: Archived
invision
View Replies: View Best Answer
Korvin replied on at Permalink Best Answer Reply
Korvin
Believe it or not, 200mb is actually not that large for a databas. Before making any direct changes, make sure you export it completely and save it somewhere safe.

Your issue almost sounds like you may have a run away mysql process, you can try restarting mysql and apache on your server first.

After you have that backed up, you can create a tools file with a script like this:
<?php
Loader::model('package');
$pa = Package::getByHandle('discussions');
$pa->uninstall();

That should uninstall the package, but it might be fragmented, so only do this if you absolutely have to.

Best wishes,
Korvin
invision replied on at Permalink Reply
invision
Korvin,

That site doesn't get that much activity. It's been humming along at about 35mb for a year, then jumped to about 75mb Sept 1, now over 200mb. Massive number of user accounts being created and posts being created on the site.

thanks for the reply. I'll mark your answer as "best". I'll let you know what happens.
invision replied on at Permalink Reply
invision
Korvin,

I have recovered use of the console now. I've killed access to the forum pages to admin only, so that should stop any future posts.

If I delete your package, will that delete the pages created by the discussions add-on? I'm thinking no...

Do you have a relatively safe method to mass-delete pages (forum posts) and user accounts? perhaps an add-on that accomplishes those tasks?

Sherm
invision replied on at Permalink Reply
invision
Korvin,

Upon further review, I noticed that I had moderation for all posts turned on. How would these script kiddies get the ability to make forum posts without me being notified of posts to moderate?

Sherm
Korvin replied on at Permalink Reply
Korvin
It's very possible that a hole was patched between the version you have, and the version that's out now. We use discussion forums here at concrete5 without such issues.

Best wishes,
Korvin
invision replied on at Permalink Reply
invision
Yes, that's always the danger of not keeping a site updated. Actually, I discovered their scripts registered users, posted to the forums, then their scipts bombarded the site with email responses. All looking for an entry point. Nothing really compromised, but the sheer volume of the traffic was killing my bandwidth.

Working on a solution using the server's firewall to block non-US IP addresses.
invision replied on at Permalink Reply
invision
I just upgraded the site all the way up to 5.6.1 (or whatever the current version is). It didn't take as long as I thought... I was worried that many of the plugins used wouldn't easily upgrade. I had to make some changes to a couple of plugins that upgraded (to match the customization I had done before). What a relief. Now, onto the dozens of other sites I need to upgrade.
invision replied on at Permalink Reply
invision
Forgot to mention... one of the reasons I upgraded was to be able to quickly delete a bunch of posts. There were SO many posts in the live site, and just selecting and deleting a single post was taking 2-3 minutes. Trying to delete an entire branch by deleting the main page was impossible. After upgrading to 5.5, I was able to quickly delete massive number of pages.

Not real crazy about the goofy background image in the dashboard. Who's brainchild was that? It would make a LOT more sense to display the website underneath.
frz replied on at Permalink Reply
frz
Mine.
You'll grow to love it.
;)
invision replied on at Permalink Reply
invision
Not likely. Why use bandwidth to pull in a random photo that has absolutely nothing to do with a client's website? Reminds me of when I used to do Mac tech support... I'd always find huge desktop images installed on "creatives" computers that would ultimately slow the system down.

This will do nothing but confuse not-so-tech-saavy clients. I'm sure I'll be getting calls asking why this image is showing up. Otherwise a great-looking upgrade.
ConcreteCMS replied on at Permalink Reply
ConcreteCMS
Attention: Since there has been no activity on this issue for two weeks, this issue has been automatically archived.

To re-open this issue, reply to this message.

concrete5 Environment Information

Browser User-Agent String

Hide Post Content

This will replace the post content with the message: "Content has been removed by an Administrator"

Hide Content

Request Refund

You have not specified a license for this support ticket. You must have a valid license assigned to a support ticket to request a refund.