Announcement

Collapse
No announcement yet.

phpbb hacked ???? www.phpbb.com

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Zachery
    replied
    I think the thread has gone far enough.

    No one deserves to be hacked and all of the phpBB devs and staff are a group of people who did not deserve to be hacked or defaced.

    There are quite a few differnt varibles that could account for a server breach, I very much doubt it was phpBB. if it had been there would be a new patch out soon, and the big but tracking sites would have a report.

    Anyway thread closed.

    Leave a comment:


  • JPT62089
    replied
    ok I just want to say this.

    If you created a very popular forum software and it was going very good. you have millions of users using your software. Then all of a sudden your whole site got hacked because of your software not being secure enough wouldnt you say it was something else to cover up for that? I am not saying that they are for sure but it is a possibility.

    Just IMHO

    P.S. Please do not reply to this if you would like to argue. I do not want my thoughts to be the cause of this thread closed. Thanks. Have a good day

    Leave a comment:


  • Floris
    replied
    phpBB software discussions are to be held on their web site. Not hours.

    They say this was not a security issue with phpBB, so no need to discuss the forum software.

    Leave a comment:


  • JPT62089
    replied
    very true but I am not trying to start an arguement so I shall be quiet lol

    Leave a comment:


  • steven s
    replied
    Originally posted by JPT62089
    [snip]if no one on their team knows how to make it more secure then they should hire someone who does![snip]
    Hire someone? phpBB doesn't get $160 from every board owner, plus $30/year thereafter. It's open source and free.

    What software is secure? Do you think vB 3.0.0 was secure? How about 0.1, 0.2, 0.3, 0.4, 0.5 and now you think 3.0.6 is secure? No software is secure. Is Windows secure? I like the fact that vB responds to security issues. phpBB also responds to security issues. Even though phpBB is free, I have no doubt that security is a top priority just as it is with vB.

    And if it was a hole in AwStats, many of us are at risk.
    And many of us who are hosted have little control over it.

    I'm glad to see at least the phpBB home page is up. That is a start.

    Leave a comment:


  • JPT62089
    replied
    Originally posted by Odysseus
    Comments like this are very dumb and not worthy to be posted by someone who calls himself a vBulletin Administrator.

    What if your server / board / whatever gets hackes by some morons?
    my whole server got hacked! every single file was changed because of phpbb's insecure board. Now maybe I was a bit crude but dont you think that if you are going to make a bb software you are going to make it as secure as you can? I am not saying I do not respect phpbb or anything because I do but I think they should learn from their mistakes. if no one on their team knows how to make it more secure then they should hire someone who does!

    just imho

    Edit: GOSH I just missed the commercials!!! (super bowl commercials) dangit lol

    Leave a comment:


  • Andrew111888
    replied
    I have used phpBB in the past and use them whenever I need a free board.

    For being free and Open Source it's a solid alternative to vBulletin if you do not want to pay for a forum software, and they don't deserve to be hacked.

    Leave a comment:


  • Odysseus
    replied
    Originally posted by JPT62089
    OMG thats too funny haha they get what they deserve i guess lol
    Originally posted by JPT62089
    really why would phpbb do that? exactly they wouldnt... they just have a very insecure board lol
    Comments like this are very dumb and not worthy to be posted by someone who calls himself a vBulletin Administrator.

    What if your server / board / whatever gets hackes by some morons?

    Leave a comment:


  • KimmiKat
    replied
    I agree. They do alot of work on their software and is an alternative to many who can't afford vB at the moment or waiting to afford it.

    Originally posted by 1996 328ti
    I don't think phpBB deserves that. No one deserves that.

    Leave a comment:


  • CeleronXT
    replied
    Originally posted by 1996 328ti
    I don't think phpBB deserves that. No one deserves that.
    Some people do. These people, however, most certainly were not among them.

    Leave a comment:


  • dhn
    replied
    We are currently experiencing problems with the server itsellf. This was not related to phpBB, as mentioned before we assume it is due to awstats. Other sites got hit around the same time, by the same group, using the awstats hole.

    Read more on the awstats hole, and update now if you didn't do it already.

    Warning, a security hole was recently found in AWStats versions from 5.0 to 6.2 when AWStats is used as a CGI: A remote user can execute arbitrary commands on your server using permissions of your web server user (in most cases user "nobody").
    If you use AWStats with another version or with option AllowToUpdateStatsFromBrowser to 0, you are safe. If not, it is highly recommanded to update to 6.3 version that fix this security hole.
    Thanks for the kind words here, we are doing our best!

    Leave a comment:


  • Vic D'Elfant
    replied
    Originally posted by Floris
    According to Vic from support.phpBB their server isn't compromised.
    Source: http://area51.phpbb.com/phpBB/viewto...d=&f=6&t=17169

    <Vic> hello floris
    WHOIS| Vic ([email protected]) (identified user) ircname : Pythago

    <floris> I just read on our forum that your site was compromised.
    <floris> Sorry to hear that.
    <Vic> our site was not compromised
    <Vic> http://area51.phpbb.com/phpBB/viewto...d=&f=6&t=17169
    <floris> Well, defaced then.
    Hello everyone,

    as far as the phpBB team knows this is not a phpBB issue, but rather an issue with AWStats (more info: http://www.ypjain.com/simplesecurity...rity-hole.html). We're doing our best to get the server back up again. More up-to-date information will be posted either at phpBB.com as soon as it's back up, or at area51.phpbb.com (http://area51.phpbb.com/phpBB/viewto...d=&f=6&t=17169)

    psoTFX/Paul thanks the majority of people in this thread who recognise a situation like this isn't "funny"

    Regards,
    Vic D'Elfant (phpBB Support Team)

    Leave a comment:


  • JPT62089
    replied
    too true lol I didnt think of that...

    I think its time to go to bed tho... (3:05 AM here)

    Leave a comment:


  • Floris
    replied
    Even if you have a backup .. it takes time to restore properly, check & update security and apply preventative meassures. And besides that, it takes time to properly analyse the attack & archive it so you can properly report the unauthorized access to the authoraties.

    According to Vic from support.phpBB their server isn't compromised.
    Source: http://area51.phpbb.com/phpBB/viewto...d=&f=6&t=17169

    <Vic> hello floris
    WHOIS| Vic ([email protected]) (identified user) ircname : Pythago

    <floris> I just read on our forum that your site was compromised.
    <floris> Sorry to hear that.
    <Vic> our site was not compromised
    <Vic> http://area51.phpbb.com/phpBB/viewto...d=&f=6&t=17169
    <floris> Well, defaced then.
    Last edited by Floris; Sun 6th Feb '05, 2:10am.

    Leave a comment:


  • JPT62089
    replied
    apparently they didnt have any backups

    I wonder when they will be back up...

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X