![]() |
Attention Everyone
i dont know if it has come to anyone's attention but i have been trying to hack my own site and mess with it myself to see if there are any security wholes on vb that i can fix to protect myself, im here trying all this high tech stuff when i notice that a simple little code in your signature can make the site redirectt wherever you post
<head> <META HTTP-EQUIV="refresh" content="2;URL=http://www.************.com"> </head> inserting that in your signature when html sigs are available will make the site redirect now that i know how to DO it, is there any way to STOP PEOPLE FROM DOING IT!!?!?!? |
disable html ?
|
Quote:
|
yes i did that but now i dont feel like going and making a vb code for all these different codes that members like to use in profiles like drop downs and all of that
and half of the rapboards allot html in their sigs, which is dum cuz rapboards are the boards that get haked the most |
Quote:
|
Indeed, my site is safe, this is not about my site. Its for other sites so i can tell them a way to be secure without having to disable html
If there is a way..... |
bbcode ?!?
|
Quote:
what? |
It clearly says in the admincp that HTML should be turned on with moderation as it's a security risk., as in you should keep a close-eye on who uses it.
|
Quote:
|
Quote:
Yea i was thinking of that and i can come up with a bbcode for pretty much any html code ACCEPT things like drop down boxes. It is clearly impossible to make a bbcode for that. The reason i made this thread was because most of the forums i'm at allow html. Then again, these are all rap boards...Anyways, i see you guys have this situation under control in your forums so my help was just a little useless lol. You guys can close this thread if you'd like. |
you can make a bbcode called [dropdown] and then make a bbcode called [option] and thats all you need for a drop down;)
|
Quote:
|
Quote:
and the replacement code will be wat? lol |
Quote:
|
Allowing HTML automatically makes your forum insecure. The only reason I can think of to allow HTML on a forum is if your board is a small private community. Otherwise you're just asking for trouble.
|
Quote:
so did i, i just didnt know that vb allowed it, i thought it was protected not to allow it or something |
Quote:
|
All times are GMT. The time now is 07:17 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
![]() |
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|