View Full Version : Plugins safe or not??
Davidhi
Tue 12th Sep '06, 11:06am
Converted my SMF forum to vBulletin, Im happy mmbers are happy bla bla bla
Keep coming across posts where sites have been hacked via plugins, being hacked is something I do worry about and download backups now dailly after being hacked using phpbb.
Ive installed a few plugins and just wanted to know if they were safe to use as I'd rather remove that get hacked again.
plugins installed are:
Competitions
Arcade
Users visted in last 24 hours
banner per forum
vbshout
just wanted to know if there was any history of sites being hacked through these plugins?
Cheers
Mark.B
Tue 12th Sep '06, 11:18am
Converted my SMF forum to vBulletin, Im happy mmbers are happy bla bla bla
Keep coming across posts where sites have been hacked via plugins, being hacked is something I do worry about and download backups now dailly after being hacked using phpbb.
Ive installed a few plugins and just wanted to know if they were safe to use as I'd rather remove that get hacked again.
plugins installed are:
Competitions
Arcade
Users visted in last 24 hours
banner per forum
vbshout
just wanted to know if there was any history of sites being hacked through these plugins?
Cheers
The plugin system itself is secure, of course it all depends on what code you run in the plugin.
The two arcades have no known issues, Users in last 24 hours is one of Paul M's and I'd eat my forum if one of his hacks turned out to be insecure, competitions and banner per forum I have never used, vBshout did have some issues, I don't know if they have been fixed.
In basic terms you theoretically increase the chances of running insecure code if you use plugins, but that doesn't mean you shouldn't use them.
Davidhi
Tue 12th Sep '06, 1:20pm
Thanks for that, I would rather remove the hacks now than risk any hacking attempt at a later date due to a plugin even if it is a small percentage.
Cheers
Mark.B
Tue 12th Sep '06, 1:46pm
That's fully understandable....personally I think it's a little over cautious, but there is a lot to be said for running a stock vB with no modifications. Plus of course you'll get full Jelsoft support for your board.
Davidhi
Tue 12th Sep '06, 2:08pm
Maybe but I'd prefer to be 110% secure rather than risk any hacking attempts.
I have kept the users online in the last 24 hours as you have agreed to eat your forum, that could be quite interesting if it happened lol.
(maybe a standard future feature for vb as its widely used hint hint lol)
also kept the banners mod unless i can code my own at a later date.
thanks for your help.
vBulletin® v3.8.0 Beta 3, Copyright ©2000-2008, Jelsoft Enterprises Ltd.