[Max Taxable]

Quote:

Originally Posted by Digital Jedi

To that point, I think all the hacking that's been going on lately has been a little misleading. It's a mistake to think something's more secure only because it hasn't been hacked a lot lately. vB3 probably has more security vulnerabilities than vB4. It's unsupported, older software that is no longer being patched or developed. That, in of itself, is going to be one of the problems admin experience in the coming years. But it's not a popular target. There are still fewer vB3 boards out than the combined vB4 and 5 boards. Their going to look for the more common vulnerability. The one that will get them into the most sites. The one that will do the most damage. (Which is why WordPress and Joomla are the most hacked scripts out there right now.) vB3 just isn't interesting right now to them, but that doesn't mean it's more secure. Logically, nothing is more secure once development stops. Liken it to anyone trying to use Netscape to browse the web today. You probably won't run into a lot of people targeting Netscape. But you'd be taking a huge risk using it as your main browser. vB3 is not to that point yet. But it will be. And in not too short a time.

But first and foremost, the one which is easiest.

Problem with your missive is, before v4 when v3 was king... It was a rare thing even then to see a v3 site defaced/hacked. It's simply, inherently, more secure than v4.

Side note: I've had a Joomla installation online for almost ten years now, never upgraded it or anything - and it hasn't been touched. It is fronting a v3 installation that's been there for the same amount of time, nothing's happened. I think that one is still a 3.5.4 or some such.

For the script kiddie (which is 99% of this "hacking" that goes on) easy access and vulnerability is key. These aren't actual, black hat hackers here - these are goofs looking for "street cred" and any site will do.

The actual, black hat hacker won't be stopped no matter your security.