Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 01-04-2009, 12:16 AM
MandarS MandarS is offline
 
Join Date: Dec 2008
Posts: 39
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default 3 Simple Questions

Hello Members,

I bought vBulletin 10 days ago. While using i found some errors.

1) Members can't login without www

eg. Login works great - www.sharingbb.com

Members can't login using http://sharingbb.com

2) Plugin Manager page changed

Yesterday i clicked on plugin manager and i found that the page has completely change automatically. First it was different now it is different.

I am posting page screenshot ( Sorry can't provide old page screenshot .. but i am sure you can find out the difference )

Screen shot -


3) Is it possible to hack vBulletin Forum ?

Few days ago i purchased VIP Membership on phpbb forum. There i found some hacking tutorials provided by forum staff members for VIPs!

One of them was How To Hack vBulletin .. I read that article and found that it is very easy to hack nulled vBulletin Board. Then i thought what about licensed ? So just wanted to ask if somebody knows my customer number can they hack my Board ?? or its impossible to hack it ?

And can i remove version details from footer to prevent hackers getting information ?

With warm regards,
Mandar
Reply With Quote
  #2  
Old 01-04-2009, 12:23 AM
snakes1100 snakes1100 is offline
 
Join Date: Dec 2001
Location: Michigan
Posts: 3,733
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

1. set cookie domain to .yourdomain.com (note the dot in front) that way www. & non www pages keep members logged in.

2. thats the plugin manager, not the product manager page. (If you mean what happened to the left column in that page?)

3. don not ask about nulled vb products., as far as vb being easy to hack, thats untrue, if you want oremove the vb version info, i do not believe thats against the license agreement.
Reply With Quote
  #3  
Old 01-04-2009, 12:33 AM
MandarS MandarS is offline
 
Join Date: Dec 2008
Posts: 39
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thanks for replying sir. By the way can i delete my install folder to protect forum ?

And i asked admins of many large forums that why they are using phpbb . . .They told me that phpbb is used by real webmasters and it is very easy to hack vbulletin . . They also said that they will prefer using IPB instead of vb !

Of course i am big supporter of vb . . . Not going to listen them . . Cheers
Reply With Quote
  #4  
Old 01-04-2009, 02:54 AM
glennybee glennybee is offline
 
Join Date: Feb 2008
Location: Scotland
Posts: 329
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You can delete the /install folder if you want.
Reply With Quote
  #5  
Old 01-04-2009, 03:29 AM
MandarS MandarS is offline
 
Join Date: Dec 2008
Posts: 39
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

okies thanks ! And i was thinking how to set cookies ! from vbulletin options right ? By changing that blank ?
Reply With Quote
  #6  
Old 01-04-2009, 03:32 AM
Kirk Y's Avatar
Kirk Y Kirk Y is offline
 
Join Date: Apr 2005
Location: Tallahassee, Florida
Posts: 2,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by MandarS View Post
They told me that phpbb is used by real webmasters and it is very easy to hack vbulletin
I think they've got the two switched around.

Nulled vBulletin installations are prone to exploitation because (a) they're most likely running outdated and insecure components and (b) they're nulled! (it's very likely the person who nulled it also put security holes in).

If you're running an up-to-date and legal instance of vBulletin and you're careful as to what modifications (if any) you install, you've got nothing to worry about.
Reply With Quote
  #7  
Old 01-04-2009, 04:27 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

phpBB used to be the holy grail of exploits and hackability. However, the newer versions are likely to be pretty secure.
Reply With Quote
  #8  
Old 01-04-2009, 06:13 AM
MandarS MandarS is offline
 
Join Date: Dec 2008
Posts: 39
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

okay thanks a lot ! I am only installing mods from vb.org and one from vbseo .... Thats all ! Also removing / renaming install folder ! Edited .htaccess file any more suggestions ? Thanks
Reply With Quote
  #9  
Old 01-04-2009, 06:59 AM
singa singa is offline
 
Join Date: Dec 2008
Posts: 60
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Interesting discussion going here. I truly hope that this time, hackers can't hack into my board to install some spam bot or whatever they call it. Had SMF but after 16 months hackers were in the drivers' seats and the only thing I could do was watch...

It was a very user friendly board, though. Very good for people with no code/HTML/PHP knowledge like myself.

--------------- Added [DATE]1231059915[/DATE] at [TIME]1231059915[/TIME] ---------------

Quote:
Originally Posted by snakes1100 View Post
1. set cookie domain to .yourdomain.com (note the dot in front) that way www. & non www pages keep members logged in.

2. thats the plugin manager, not the product manager page. (If you mean what happened to the left column in that page?)

3. don not ask about nulled vb products., as far as vb being easy to hack, thats untrue, if you want oremove the vb version info, i do not believe thats against the license agreement.

Interesting Snakes,

I could use some of your advice as well. Where is the Plugin manager exactly so that I put in that one dot you mentioned? or is it set by default? I had the board installed by a vbulletin tech so things could be alright for me.... or?
Reply With Quote
  #10  
Old 01-04-2009, 08:12 AM
MandarS MandarS is offline
 
Join Date: Dec 2008
Posts: 39
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

@ singa

Well I dont think hackers can install any spam bot or something on vbulletin board. Its very secure board I have asked some pro hackers to hack my trial board ! Lets see now but i doubt they will succeed !

Installing vbulletin is very easy but if you want you can ask vb tech staff to install it !
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 04:40 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04677 seconds
  • Memory Usage 2,268KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete