Go Back   vb.org Archive > News and Announcements > vBulletin Pre-Sales Questions
Reload this Page Security question
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Page 1 of 2 1 2
 
Thread Tools Display Modes
  #1  
Old 06-20-2003, 04:51 PM
Mathman Mathman is offline
 
Join Date: Jun 2003
Location: Detroit, Michigan
Posts: 7
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Security question
If I incorporate a v-Bulletin forum as part of a larger site, what concerns, if any, should I have in regard to security protection for the rest of my domain -- i.e., hackers, viruses, etc. Are there any features that I should enable or disable to protect the rest of my domain on the same server?

Thanks very much.

Mathman
Reply With Quote
  #2  
Old 06-20-2003, 05:13 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
As long as you keep your version of vB up-to-date and don't change settings unless you know what you're doing, there shouldn't be any problem.
Reply With Quote
  #3  
Old 06-21-2003, 10:30 AM
Xenon's Avatar
Xenon Xenon is offline
 
Join Date: Oct 2001
Location: Bavaria
Posts: 12,878
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
vb is very secure, and as long as you didn't enable html code posting for users you won't get in trouble
Reply With Quote
  #4  
Old 06-21-2003, 08:59 PM
Mathman Mathman is offline
 
Join Date: Jun 2003
Location: Detroit, Michigan
Posts: 7
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks for the responses, Filbert and Xenon.

Mathman
Reply With Quote
  #5  
Old 06-23-2003, 05:03 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Of course, the server itself is another issue altogether. Hackers can get to your site via security holes in your server. Ensure you have a firewall running, you have the latest kernels, and the latest patches for apache, php and mysql.
Reply With Quote
  #6  
Old 06-23-2003, 05:35 AM
Talisman's Avatar
Talisman Talisman is offline
 
Join Date: Aug 2002
Location: USA/West Coast
Posts: 371
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
The greatest vulnerability I've seen around here comes from admins using passwords that are easy for others to guess. Be sure to choose your helpers with care and don't be generous giving access unless you need to.
Reply With Quote
  #7  
Old 06-24-2003, 08:59 AM
DaveRobbo's Avatar
DaveRobbo DaveRobbo is offline
 
Join Date: Nov 2002
Location: Berkshire, UK
Posts: 36
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
06-21-03 at 12:30 PM Xenon said this in Post #3
vb is very secure, and as long as you didn't enable html code posting for users you won't get in trouble
This isn't really a pre-sales question from me - I'm already a fully paid-up member ... but this seemed a good place to ask.

I really want to close up the HTML code option for "normal" users, but wish to allow it for admins. Is this possible? Is there an override for admins (maybe even an implicit one?)

Naturally I want to close the security hole to stop other potentially malicious users doing bad things with HTML in their posts but some of the admin's posts have been "prettied up" with some fancy HTML

Can this be done?

Dave
Reply With Quote
  #8  
Old 06-24-2003, 10:35 AM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Please start your own thread in the appropriate forum.
Reply With Quote
  #9  
Old 06-24-2003, 11:47 AM
DaveRobbo's Avatar
DaveRobbo DaveRobbo is offline
 
Join Date: Nov 2002
Location: Berkshire, UK
Posts: 36
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Today at 12:35 PM filburt1 said this in Post #8
Please start your own thread in the appropriate forum.
Please tell me which is the appropriate forum then? All the others seem to be about requests for new hacks or questions about existing hacks. I can't see a plain "questions" forum except for this one
Reply With Quote
  #10  
Old 06-24-2003, 12:54 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hack Requests.
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 07:55 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09280 seconds
  • Memory Usage 2,246KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete