The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
Oh, Ok, LOL
You were talking about a brother in arms and I was starting to get a little unnerved. |
#12
|
||||
|
||||
We can start with a small one
|
#13
|
|||
|
|||
As one who had two sites hacked since the new year I would like to see this added also. Not on how to hack but how to prevent being hacked, tips, etc. Maybe a stickied thread where the latest security issues found with various add ons for vbulletin could be posted warning others if they didn't know about them.
My case with vbgallery I hadn't been on their site lately and did not receive an email they sent out stating issues with the gallery and that they had an update out for it. |
#14
|
||||
|
||||
I was hacked a few years ago on my old server but it turned out they just replaced the index.html in the domain directory with their own and renamed mine. Copying mine over theirs fixed it for me. That is one of the most common ways I have seen and it causes a lot of concern until you find out how they do it. I don't think we all ought to go out and buy guns because someone tripped over someone else's shoestring. Nex is right in the idea that if we bring attention to these clowns, it is only going to draw them out and make it worse.
(You owe me, Nex) |
#15
|
||||
|
||||
Bravo.
Anyone can get that kind of response. Hacking and coding are amazingly two entirely different things. It can happen to anyone of us. What can we do? Pray? lol Not much really, if they have the skill they can get into it and while I own a website and forum I respect that. When we actually do something worth hacking, like a shop, I'm going to hire a hacker to make it hacker proof and make them liable if it's hacked if they'll accept the job. If not, I don't really care. Boo hoo, call your host, get your Super Admin account set back up and own them. However they deserve to be respected and since I can't beat them, I can hire them. That's my perspective. |
#16
|
|||
|
|||
Moved to Site Feedback.
I don't see much use of creating a seperate section on this. There are already advices on how to operate your board securely on both vB.com and vB.org. If there are more security tips, then feel free to write an article about it. If a vulnerability is found on a modification here on vBulletin.org, we already do warn the users of that modification. My view: All information is already there, but people tend to ignore it until too late. No new section will change that. |
#17
|
|||
|
|||
if you see the mean for such security service, why don't you start a new vBulletin-Security-SWAT ?!... starting a forum with just these kind of topics in mind ?!
it is like when people wants a forum for SEO and search engine related topics... nobody block you from doing so, maybe just not ALL HERE... that's all... also, hacking a hosted account have not a single link between vBulletin and the server... 95% of the hacking related to the sites that were listed here as "hacked" were hacked outside vBulletin engine, by not having enough securities on the server, so people need to understand what they are doing when they host a site like this, instead of thinking everything is fine until they are hit... when someone come here and say "my site was hacked, he accessed my database and i'm crashed"... i can say that most of the time, if not all the time, that was a serverside situation of a hacker who knew how to obtain the config.php data to hack into the database... no need to crash an entire site, you just have to infiltrate and make fun of it... this is basic site administration, not forum code. this topic started because one of the partner of the admin trashed from the inside... not a single bit of code related to security.. it's all about confidence to the persons you're supposed to trust before giving them access to the administration... i don't think Bill Gates would give the key from his house to his business partners... |
#18
|
||||
|
||||
Quote:
I think I got all the security measures in place on my board and despite that I got my dB deleted totally for a hired coder. Well security is a plus anywhere, so if we keep thinking that vB is mostly a hobby than a Business/Investment then forget about protection. |
#19
|
|||
|
|||
your problem is actually not related to vBulletin at all, you know it... it depend on the access you gave to someone... even if Jelsoft develop a level 7 security protocol, there will be nothing they can do if the best security is to not give access to the database... this is not security of a script at all..
the first words are always : BACKUP YOUR DAMN DATABASE AND KEEP IT SAFE... if you can't follow that, forget about securities... |
#20
|
||||
|
||||
What harm is there in organizing information to help protect administrators?
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|