Welcome to WebmasterWorld Guest from 54.160.187.160

Forum Moderators: rogerd

Message Too Old, No Replies

Phpbb hacked again?

All the images show up broken... Time to switch to VB?

     
8:45 pm on Dec 20, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 10, 2002
posts:531
votes: 0


Hey folks,

Some of you might have noticed that I use phpbb from some of my posts. I am starting to re-think this. Today phpbb looks like it's been hacked AGAIN...

I am creating a new web site with a forum, jumped over to phpbb to get a recent build and lo and behold... DOH!

I might be kicking the tires on VB for the next forum web site I think...

9:15 pm on Dec 20, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0


Any open-source script is going to have security flaws in it.

You can always wait for BestBBS to be released ;)

7:18 am on Dec 21, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Mar 16, 2005
posts:118
votes: 0


Today phpbb looks like it's been hacked AGAIN...

Where are you seeing this? I see no mention of a new attack on the support forum.
<added> Just noticed your sub title. Images are fine now.
12:12 pm on Dec 21, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member eelixduppy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 12, 2005
posts:5966
votes: 0



<added> Just noticed your sub title. Images are fine now.

Wow, seems like it got me too ;)

12:19 pm on Dec 21, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member trillianjedi is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 15, 2003
posts:7246
votes: 0


There is nothing wrong with phpBB. 99% of any problems with it stem from the user not locking it down properly.

vB is equally open to attack.

Usual security measures apply. Change all the script names. Remove all indications in text of what the software is and its version number etc. All the standard stuff. A phpBB specific is remove all the highlight content code.

Do the basics and it's as secure as any other web based application.

Many highly popular forums use phpBB without the slightest issue or hickup.

TJ

11:44 pm on Dec 21, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 10, 2002
posts:531
votes: 0


Well, the images are back now, but they either were hit or did some revamping to cause to create a temp. image problem.

I just opened a new forum site. I have had tremendous success with forums in the past, this time, for the first time, I am trying Vbulletin. Wish me luck.

So far I LOVE the admin interface, sooo much more then phpbb BUT phbb is free and I understand it. I guess a bit of learning on my part is required before I can give an authoritive comparision. So far so good though...

BTW I do "realize" they both have security flaws, what is written in php that doesn't? I am wanting the best, only the best will do.. hehe

Oh well, we will see. Let the tire kicking begin.

11:58 pm on Dec 21, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 10, 2002
posts:531
votes: 0


Many highly popular forums use phpBB without the slightest issue or hickup.

Well I sure have had "hickups" I have the latest version, about 5 different mods to keep spammers out, thankfully it is now under control (knock on wood) . My phpbb install is on a VERY popular board, and is seriously targeted by hackers and spambots. I truly am satisfied with it, but I have heard so much about VB and have wanted to try it, so today when I saw all images broken on phpbb.com I figured NOW was a good time to try it since I am kicking off a new board.

I will be happy to post comparisons between the two when I get a real good feel for VB if you folks want me to.

2:17 pm on Dec 23, 2006 (gmt 0)

Administrator

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 2, 2000
posts:9686
votes: 0


>>I will be happy to post comparisons between the two

Please do, MTheissen. It will be interesting to hear your perspective.

2:30 pm on Dec 23, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member trillianjedi is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 15, 2003
posts:7246
votes: 0


I will be happy to post comparisons between the two when I get a real good feel for VB if you folks want me to.

That would be really good.

I misunderstood you I think - I read your posts as wanting to change software for security reasons.

TJ

10:52 pm on Dec 23, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 10, 2002
posts:531
votes: 0


Well so far so good, I added vbSEO and was really impressed with the ease of install and the TONS of options availible.

One thing that REALLY stood out to me was the dynamically generated meta tags for each page. It does a GREAT job of figuring out keywords and description for the post!

so far my only grief is the captcha. It is soooo easy to enter the wrong code.

No spam to it so far, but it's just out of the gate.

Planing on heavily promoting the new community site with adwords etc etc.

Will keep you posted on how it turns out.

I shut off captcha for a while, will turn it back on when the spambots come (and they will come, they just "smell" me on the web...)