The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Flashchat; safe or not?
Hi everyone,
I would like to use a chat on my website, currently I'm using the latest versions of vB (3.6.4) and flashchat (4.7.7). But, I have read that a lot of boards are hacked due to flashchat. What do you think, is it safe to use or not? Yeah I know, it is coded by people, so it is never 100% save... Do you suggest another chat system? What do you use? Thanks, Kris |
#2
|
|||
|
|||
I would say it's pretty safe, I use it on my forum and it's never been hacked so far.
If you have a moderately small forum it is allways best to use a shoutbox in my opinion something along the lines of vShout. Allways there so you can quickly have a look at whats going on while browsing the forum, whereas with flash chat you have load it up and you cant just flick throgh it all. But then on the other hand if you have a larger forum I guess a shoutbox would be too small. |
#3
|
||||
|
||||
Thanks for your reaction, Saulie!
My forum will start at 16 dec, I'm curious how the chat will react on public. Grtz, Kris |
#4
|
|||
|
|||
i thought you just had to delete some file in flashchat and that would solve the hacker problem
|
#5
|
||||
|
||||
Do you mean the install folder and the files of the other CMS's we don't need?
Kris |
#6
|
||||
|
||||
If you read the various theads on the subject you will know that the AEDating CMS security hole was fixed months ago, sometime around Flashchat version 4.6.2, the current version is 4.7.7.
I would be very interested to hear why the people who voted 'No' have done so. |
#7
|
|||
|
|||
I'd like to hear so to.
Flashchat is perfectly safe, and i'm using it on a forum with 12k members. No security holes, and you should delete the extra CMS files anyway |
#8
|
||||
|
||||
My .02 cents - It is safe (but only until an exploit is discovered). This goes with any software though.
I used it for 1 year and updated it several times. My site was defaced twice while using it, both times because of flashchat, both times because I failed to update it when a fix came out (update). Because of the lack of attention that I give to addons such as flashchat, I decided to remove it. For the most part it was safe, but twice was too much for me. My time is stretched too far to worry about something that was never used on my site, so I removed it. Had it been used more, I may have kept up with the updates when they came out. My failure. My responsibility. |
#9
|
||||
|
||||
Quote:
So Christian, you where hacked beacuse you didn't installed the updates? It was no problem of FC... Grtz, Kris |
#10
|
||||
|
||||
That's right. There are people out there who look for exploits (more specificially my type of website unfortunately) in programs such as flashchat, see if you have IMPEX install files on your site, pretty much anything they can use against you - and if there's a vulnerability they will take advantage of that. If you are up to date, have removed your install files, etc., there are no worries. In my case, I had two outdated versions of flashchat (one with the more recent AEDating CMS security hole and the other I honestly don't remember - that was when I switched to vbulletin Aug/Sep 2005).
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|