vBulletin is not making any progress

MRGTB replied

Mon 30 Jul '07, 10:57am
Originally posted by Anthony89 View Post

If you're worried about that you can just not advertise your forum on vb.org If he doesn't know your forum URL, then he can't hack it.

But your kind of missing the whole point of what I was trying to say really

The point I was trying to get across, was that things like that can happen.

And what about if he puts some code in the hack, that he can seach for in Google to find sites with his hack installed - there are still others ways he can find it, even if you do hide your URL on vB.org.

He, he, You'd be easy if thats how you think

Last edited by MRGTB; Mon 30 Jul '07, 11:02am.
Leave a comment:
AVC replied

Mon 30 Jul '07, 7:59am
Originally posted by anthonyparsons View Post

I only have the one reply to the topic of this thread, and that is that I have used many of the free alternative forums over the years, all off which have been generically hacked via worms, bugs, viruses, Trojans, etc blanketed across the web. Vbulletin is the only forum software I have had that has so far eluded all general web attacks, exploits and vulnerabilities, to never wakeup, turn on my forums and see some crappy hacked note awaiting me.

I would say the money is well worth it, because I haven't had to worry about removing hacked exploits from my forum since switching to vbulletin.

Anthony, all forums including vB forums are under attack 24/7/365 by hackers and spammers.

These hackers are using comment spamming scripts, spam harvesting bots, content scraping bots, in addition to scripts that look to plant virus links within comments so they can hijack even more computers for their bot nets to increase their resources.

Without an administrator watching guests and their IP's hitting your forum you are simply unaware of this constant threat is all.

Last edited by AVC; Mon 30 Jul '07, 8:02am.
Leave a comment:
Anthony89 replied

Mon 30 Jul '07, 7:45am
Originally posted by MRGTB View Post

What I do think people should be real careful of though, And I don't mean to put people of installing mods. But how do you know for example, when a mod is released on vB.org. That the person releasing it is not a hacker and has on purpose added an exploit into his mod, so he can check who's installed his hack, then exploit there board later on?

If you're worried about that you can just not advertise your forum on vb.org If he doesn't know your forum URL, then he can't hack it.
Leave a comment:
MRGTB replied

Mon 30 Jul '07, 6:11am
Originally posted by Fusion View Post

Still, like you point out, most, if not all of those hacked boards got hacked, not because of a direct weakness in the software, but rather due to poor external security, the use of bad mods etc.

Well yes, sometimes its a case of people installing mods from vB.org that have security breaches in them. Or maybe not updating to the latest version of vBulletin when a new release is posted with security fixes founds etc.

What I do think people should be real careful of though, And I don't mean to put people of installing mods. But how do you know for example, when a mod is released on vB.org. That the person releasing it is not a hacker and has on purpose added an exploit into his mod, so he can check who's installed his hack, then exploit there board later on?

You can never be to careful, and hackers do own vBulletin licences and have access to there site to release mods there to do this type of thing if they wanted too.

Last edited by MRGTB; Mon 30 Jul '07, 6:14am.
Leave a comment:
Fusion replied

Mon 30 Jul '07, 5:45am
Still, like you point out, most, if not all of those hacked boards got hacked, not because of a direct weakness in the software, but rather due to poor external security, the use of bad mods etc.
Leave a comment:
MRGTB replied

Mon 30 Jul '07, 5:24am
But I wouldn't rule out the fact it can happen though, I agree vBulletin is a secure board. But you do read threads were people have been hacked, there was one posted on vB.org yesterday where a person had his vBulletin board hacked.

So never take anything for granted and still do all you can to make it even mroe secure than it already is, like protecting folders with .htaccess files using your cPanel options etc.
Leave a comment:
anthonyparsons replied

Mon 30 Jul '07, 4:55am
I only have the one reply to the topic of this thread, and that is that I have used many of the free alternative forums over the years, all off which have been generically hacked via worms, bugs, viruses, Trojans, etc blanketed across the web. Vbulletin is the only forum software I have had that has so far eluded all general web attacks, exploits and vulnerabilities, to never wakeup, turn on my forums and see some crappy hacked note awaiting me.

I would say the money is well worth it, because I haven't had to worry about removing hacked exploits from my forum since switching to vbulletin.
Leave a comment:
Fusion replied

Mon 9 Jul '07, 1:10am
Originally posted by RedTyger View Post

It would be nice to have quotes longer than X characters made collapsible and collapsed to begin with. Wouldn't it?

That would actually be neat. Anyone made the suggestion yet?
Leave a comment:
RedTyger replied

Mon 9 Jul '07, 12:43am
Originally posted by Dream View Post

Dude do you really need to quote his whole post to say a three-liner

It would be nice to have quotes longer than X characters made collapsible and collapsed to begin with. Wouldn't it?
Leave a comment:
Ohiosweetheart replied

Sun 8 Jul '07, 9:26pm
Originally posted by Fusion View Post

Yes, just for you.

LOL...
Leave a comment:
Fusion replied

Sun 8 Jul '07, 8:34pm
Originally posted by Dream View Post

Dude do you really need to quote his whole post to say a three-liner

Yes, just for you.
Leave a comment:
MJM replied

Sun 8 Jul '07, 7:04pm
Aha! Another opportunity to offer a 'use of quotes' posting tip which I recommend to our members.

Sometimes it is helpful that a full quoted post (even one displayed in a previous post in the thread) be included in the email notification.
- to provide contextual reference to the quoted poster and/or any members subscribed to the thread,
- and when referencing an older thread incase the subscriber may have forgotten the context of the thread.

However the quoted portion can cause unnecessary clutter in the forum thread.

Therefore if you feel it is necessary to include the quote in with the email notification, after the post has been made, use the post Edit function and snip/shorten or remove the quoted portion.
Leave a comment:
Dream replied

Sun 8 Jul '07, 6:37pm
Originally posted by Fusion View Post

Hey, r0xt4r.

I tend to agree with your post, I hope that with the recent acquisition we'll see more official addons and perhaps some kind of package deals combining the various options.

Dude do you really need to quote his whole post to say a three-liner
Leave a comment:
MRGTB replied

Sun 8 Jul '07, 4:02pm
Remember "Flashchat" as a prime example, tons of boards got hacked because of that mod. It was patched later though.
Leave a comment:
dkon26 replied

Sun 8 Jul '07, 3:58pm
Originally posted by MRGTB View Post

Well more a problem with unsupported third party hacks from vB.org for example. Is you have to remember your buying vBulletin for a number of reasons, one of them because vBulletin is a very secure forum board.

When you start installing hacks from vB.org, that hack might have been created by a person who has introduced a number of security issues. Which kind of defeats the whole object really. Thats why it's always better to buy the official products, because you know they will be supported with each vBulletin upgrade, and security issues found will be fixed.

I couldnt have said that any better!
Leave a comment:

Announcement

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment:

Leave a comment: