Page 1 of 1
Forum Fixing
Posted: Sat Mar 29, 2008 7:08 pm
by VidE
Mr. Lost Marble, Administrator (Mike?) person, who is minding the forum... Thank You BIG TIME for getting the forum back and happening! Not just the posting but the search functions.
Posted: Sat Mar 29, 2008 7:12 pm
by Rasheed
Now the server only has to be hardened against things like "SQL injection" (whatever that is). I think that is how the hackers got in the last two times.
Posted: Sat Mar 29, 2008 11:52 pm
by heyvern
I find it unlikely that any type of publicly available forum software with wide use like phpBB is going to allow "SQL injection". Possibly this could be used to just view things but not to change the database.
If this were the case then maybe a new version phpBB is probably needed... still that seems unlikely since all forums are based on sending SQL commands.
-vern
Posted: Sun Mar 30, 2008 5:22 am
by Rhoel
heyvern wrote:I find it unlikely that any type of publicly available forum software with wide use like phpBB is going to allow "SQL injection". Possibly this could be used to just view things but not to change the database.
If this were the case then maybe a new version phpBB is probably needed... still that seems unlikely since all forums are based on sending SQL commands.
-vern
phpBB is now in version 3 - this board is on version 2.
3 was a top-down rebuild with specific focus on security. I have it running on another site and it does have some nice features: Some favorites are done. Not sure how Mike would do an upgrade - whether this is an auto process or not.
Rhoel