| Author |
 Topic  |
|
|
shyguy
Starting Member
47 Posts |
 Posted - 04 August 2002 : 20:41:52
|
Hi there all members and Snitz Team.
Some while ago I downloaded Aviv's poll mood forum with all the great features such as ative users, private message etc. But what I got today was a guy named Kibrisli (probably a Turk) hacked my board.
Luckily, I had the database backed up and now you can check out the latest forum I uploaded. I downloaded off snitz because I could not risk depending on premodified ones anymore.
So just wanted to get some tips and ideas about security issues for my forum.
The link to the forum is in my profile.
Thanks
Edited by - shyguy on 04 August 2002 20:46:15 |
|
|
davemaxwell
Access 2000 Support Moderator
USA
3020 Posts |
Posted - 04 August 2002 : 21:33:23
|
You need to be sure you've upgraded to v3.3.05 and make sure any and all admin passwords are changed.
Other than that, you should be ok....
Dave Maxwell
--------------
Proud to be a "World Class" Knucklehead |
 |
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 04 August 2002 : 22:47:59
|
Renaming the database to something else also siginificantly reduces the chances of someone being able to download your database. Putting it in a folder above your webroot where it can't be downloaded from is also a big plus.
www.daoc-halo.com |
|
|
|
shyguy
Starting Member
47 Posts |
Posted - 04 August 2002 : 23:13:09
|
Yea guys, I always have the database file in a database folder outside my html folder...which is pretty unreachable but again, I did not understand how this guy found out about my password?
Now I have to add up all those nice poll, online users and other features to the new forum.
Just wondering, are the mods from http://ls3k.com/snitz/mods.asp secure and with no bugs and all?
Thank you
http://www.virtualafghans.com/forumboard/ |
|
|
|
Jeepaholic
Average Member
USA
697 Posts |
Posted - 05 August 2002 : 00:27:58
|
Understand that a majority of the mods created for this forum are generated and distributed by its users. The development team typically has nothing to do with the creation or "validation" of them...so, as far as a "Security Seal of Approval" is concerned for mods...it's a "Use at Your Own Risk" system.
On top of that, these FREE forums are also "Use at Your Own Risk". No warranty is presented or implied. The development team has taken leaps and bounds to make 3.3.05 and the upcoming 3.4 version to be as secure and bug-free as possible. I've paid for products that don't take the time to do as much as the developers at Snitz do.
Al Bsharah
Jeepaholics Anonymous
Edited by - Jeepaholic on 05 August 2002 00:30:37 |
|
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 05 August 2002 : 03:07:47
|
If you hadn't applied all of the fixes listed in this forum here http://forum.snitz.com/forum/forum.asp?FORUM_ID=118 then thats how you were hacked. There have been several updates recently to prevent malicous users from retrieving Admin and member passwords.
The 3.3.05 version you've downloaded does include all of these fixes.
www.daoc-halo.com |
|
|
|
shyguy
Starting Member
47 Posts |
Posted - 07 August 2002 : 23:29:02
|
Thanx guys. Yea, I downloaded the latest version and am adding the features such as users online, private messenger etc...hope these add-ons does not make the forum fulnerable for another hacker-attack!
Ciao
http://www.virtualafghans.com/forumboard/ |
|
|
| |
Topic |
|
Topic Locked
