Hack Attacks

**Steve Machol** · Sat 7 Jul '01, 1:25pm

Joe,

I sympathize with your plight. However it's not really that hard to upgrade from an earlier version to the latest. What trouble are you having?

**tubedogg** · Sat 7 Jul '01, 1:29pm

I can understand your point to a certain extent. Two things I disagree with you on:

First, the screen where you purchase installation support clearly states that it is one-time-only and you are agreeing to this.

Secondly, vBulletin 2.0 betas were just that - betas. They were not intended to be run by the masses, but by the more technically inclined given the understanding that beta software can and sometimes does bring your system to a screeching meltdown or subject you to certain other risks, such as being hacked. They were not officially supported because of this.

All this said, it is really not hard to upgrade. Installing is one thing as it requires a bit more knowledge, but upgrading is a matter of uploading the files and clicking through the upgrade screens in your browser.

**jtracy** · Sat 7 Jul '01, 4:04pm

Thank you both for your messages. I would agree that if there wasn't a security issue then a person should be charged. But when there is a major security issue resulting in mass hacks and publicly posted details on how to hack into such sites then it is the job of the software maker to make good and that means that if a person purchased a vBulletin installation then they should upgrade the security issue (even if it doesn't upgrade the forum) at no cost.

It doesn't help that I am currently in a six month in-depth use of vBulletin for a review I'm to write on the software product. Up until this point I had been extremely pleased with both the product and service. While I'm still impressed with the product (and believe it is the best out there), the service ("even though you paid to have us install it, we are going to make you pay to fix a major security problem") is leaving a lot to be desired and is being mishandled (IMHO) on vBulletin's side.

Regarding Upgrading.

I would agree that upgrading might be a simple process if the directions in the manual were more clear and step-by-step. They aren't. It simply says, in general, "Upload all files". I think if I uploaded all files of 2.0.1 I would erase some important elements and customization. There have been a post or two more clear on these boards, but the official guidelines are still lacking big time.

Thank you for your excellent comments/suggestions. I will be attempting a self upgrade later this evening...

Joe Tracy

**tubedogg** · Sat 7 Jul '01, 4:10pm

Unless you edited the PHP files (in which case my next question is if you can edit the PHP files do you really need help upgrading) nothing will be overwritten. Everything is stored in the database. It really is just a matter of uploading the files and running the upgrade scripts.

**jtracy** · Sat 7 Jul '01, 6:12pm

I'm working on the install and I'm at the point where you run upgrade3.php, etc..

When I first tried running the upgrade3.php, I received the following error message: "Security alert! install.php still remains in the admin directory. This poses a security risk, so please delete that file immediately. You cannot access the control panel until you do."

No problem. I deleted install.php from the admin directory on my server. I then tried running the script again and received the exact same error message even though I clearly deleted install.php. I double checked the server admin directory and install.php is gone. Ideas?

Joe Tracy

**jtracy** · Sat 7 Jul '01, 6:14pm

For those who had the same problem as me above, I resolved the problem by clearing my cache, history, then rerunning it.

Joe Tracy

Hack Attacks

Hack Attacks

Comment

Comment

Comment

Comment

Comment

Comment