vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   Secure My vBulletin (https://vborg.vbsupport.ru/showthread.php?t=55896)

TheComputerGuy 08-04-2003 08:45 PM
Secure My vBulletin
 
Hi there. I run a small vB with only 385 members, and 2 are wanting to try and take it over. I intercepted a message about my site not being secure. I have .htaccess on the admin folder, but appearently it is not enough. Is there anything else I can do? I have 2.3.0 uploaded, and such. But I am totally clueless what to do.

If they do it or not, I am thinking what if someone just does it without discussing it. I have passwords that are constantly changing which I think is a big help, and such.

Anyone had to deal with this?

Steve Machol 08-04-2003 09:01 PM
Here's some things you can do to increase the level of security for your forums:

1. Upgrade to the latest version (you've done this)
2. Do not install any hacks
3. Password protect your Admin and Mod CPs: http://www.javascriptkit.com/howto/htaccess.shtml
4. Make sure the getadmin.php file is NOWHERE on your website
5. If you have phpMyAdmin make sure it's password protected.
6. Also ask your host to change the login password for your account.

Erwin 08-05-2003 12:30 AM
Great tips, Steve.

Regarding (2) - it is crucial that people who do install hacks that they review the code to ensure there are no backdoors put in. I've never seen one, but it's best to do so. :)

Steve Machol 08-05-2003 04:02 AM
Even without an obvious backdoor it's possible that a hack will change the code in such a way to inadvertantly create a security hole or impair one of the security fixes in the default files.

While this isn't likely, it's nonetheless possible.


All times are GMT. The time now is 03:35 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01052 seconds
  • Memory Usage 1,712KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete