i was thinking about gettin vbulletin but when your 14 150 bucks doesnt come easily.
Printable View
i was thinking about gettin vbulletin but when your 14 150 bucks doesnt come easily.
I've been using phpBB since 2.0 release and while I've been wary of the issues at hand, never once I've had my database hacked or my board compromised. Maybe it has something to do with the fact that I never index my pages with any search engines. I've removed all metadata content from the headers and since I'm behind a firewall (ipchains) and router, I'm not abject to the cookie vulnerability, etc...
I like phpBB as it definitely allows me to use postgresql, something that other boards don't do. Everything's mySQL or some **** and that pisses me off!
Indeed. a robots.txt does wonders. It also never ceases to amaze me how many people install it and do not do the recommended things like changing the config files back to something like 444...Quote:
I've been using phpBB since 2.0 release and while I've been wary of the issues at hand, never once I've had my database hacked or my board compromised. Maybe it has something to do with the fact that I never index my pages with any search engines. I've removed all metadata content from the headers and since I'm behind a firewall (ipchains) and router, I'm not abject to the cookie vulnerability, etc...
I have used it before and never had a problem either, but I have seen other boards hacked.
Yeah, I don't think I'll ever have a robots.txt file unless I make sure everything that I want kept away listed in the denied section. I have to wonder how the invention of spiders would not be have been abused, etc...
Just a word of warning with robots.txt.
I read it somewhere and I can't remember where and it might be a "Google hack" that people look for robots.txt and read it to see what you don't want to be publicly available... Then they go and look at it anyway..... 'cos it really is publicly available.... ;)
Just a thought.....
AntiOnline runs vBulletin, too :)Quote:
A very good Brazilian security site runs vbulletin now. I will ask the owner what are his impressions about this.
Well, vBulletin is very nice software, is well coded but it is not cheap. When you think of other CMSs out there that do cost money, that is not a huge cost at all. Also, a lot of open source cms's have dual licensing schemes as well.
So yeah, check with other people and see how they like it...
If you were really worried about it, you could use this link:Quote:
I read it somewhere and I can't remember where and it might be a "Google hack" that people look for robots.txt and read it to see what you don't want to be publicly available... Then they go and look at it anyway..... 'cos it really is publicly available....
http://services.google.com/urlconsole/controller
Its broken right now but google says you can instantly remove yourself from the index.
In addition, its not really the indexing thats the problem, its being indexed and cached. So the problem is being cached before you can password protect. but why not password protect in the first place...?
hrm, well thanks for all of your suggestions. Ill have to think over what my next step will be. But just a ? if i have his IP isent there anything i could do?
I got al little help with figuring out someones ISP and contacting them in this thread. Hope it helps.
http://www.antionline.com/showthread...hreadid=251185