How About Creating A "I've Been Hacked" Forum?

**PJAmerica** · Tue 15 May '07, 6:10am

Originally posted by Mrs. Blaileen

There are so many people reporting that their sites have been hacked, or
have had hacking attempts, that maybe creating a new forum to address
this might help consolidate information to make it easier for them to find solutions.
Maybe call it a Security Issues forum, or something like that.

That would just give said hackers a more viable place to watch and learn what is what and where.

**Colin F** · Tue 15 May '07, 6:15am

To be honest, the amount of customers that think they were hacked isn't really big compared to the number of other questions we get. In my opinion it's definitely not enough to warrant an own forum.

**Adrienne** · Tue 15 May '07, 6:22am

Maybe not such a good idea after all. And I certainly don't want to
give hackers any kind of an edge.

**FreshFroot_** · Sat 19 May '07, 9:18pm

Well I haven't seen any boards get hacked lately and if they do, it's usually the users fault. Either they don't update their software and I can't see how you cannot upgrade it? The admincp tells you if a new release is out.

Also addons, some addons have flaws and hackers get through them. However, these days I haven't seen many addons get hacked.

It's all about being smart and planning ahead for security.

**ManagerJosh** · Sun 20 May '07, 12:00am

Labeling it a "i've been hacked" forum does not instill customer confidence.

**Jose Amaral Rego** · Sun 20 May '07, 12:31am

Most forums are hacked, cause they install a script or addon to or with vBulletin.

**elliotcroft** · Sun 20 May '07, 1:46am

It might make people pretend that their forum had been hacked but they realy just want to be the administrator on it.

**Adrienne** · Sun 20 May '07, 4:07am

Originally posted by ManagerJosh

Labeling it a "i've been hacked" forum does not instill customer confidence.

That's the deal breaker right there- nevermind!

**Eagle Creek** · Sun 20 May '07, 3:08pm

And besides.. I think vB itselfs is pretty safe software. It's in most cases a poorly patched and/or configured webserver or 3th party software (at the server)/scripts(plugins at the forum) that caused the problems.

Labeling it a "i've been hacked" forum does not instill customer confidence.

LOL!
I can agree with that.
That's like walking into a supermarket and the first thing u see is a box that says "put all your complaints about our products in here".

**eoc_Jason** · Mon 21 May '07, 8:44am

Yep, I have to agree with some of the above comments. Usually a hacked forum is not vBulletin's fault. It's usually the admin's incompetence by not updating their forum software, updating or configuring software on their server, or using buggy add-ons.

I try to shy away from user created vB add-ons these days. Most are so poorly coded that I could spend less time writing my own from scratch doing a proper job than trying to fix an existing one someone else slapped together.

Even a popular "SEO" product that people use I found an extremely fatal flaw (allowed you to view any file unparsed on the server readable by the web server). At a minimum a person could easily read the username, pw, and db in the config.php file and connect to the DB remotely if they didn't have a firewall blocking the port. Use your imagination about what else you could do reading any file on a server. But I was kind and reported it to that company without posting any public info as to what or how it was done. After browsing through the code more and finding several more bugs / flaws I finally just said to heck with it and deleted the files.

How About Creating A "I've Been Hacked" Forum?

How About Creating A "I've Been Hacked" Forum?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment