Forum security

Tell us about your other hobbies & none QL related items here :)
Post Reply
User avatar
1024MAK
Super Gold Card
Posts: 592
Joined: Sun Dec 11, 2011 1:16 am
Location: Looking forward to summer in Somerset, UK...

Forum security

Post by 1024MAK »

StarDot Forum recently went off line for 36 hours :(. But it is back up and running okay and has been for a little while now :D.
StarDot Admin wrote:The forum database was compromised. The upshot of which is that the contents of the database user table was stolen, resulting in everyone's username, email address and hashed password being harvested.
StarDot Admin wrote:The breach was a result of letting our underlying server software get out-of-date. We were three minor upgrades of the forum software behind, but I postponed the last forum upgrades because the underlying versions of PHP, the database and the operating system itself were all getting very old and would have broken the upgraded forum software. Unfortunately, the old version of the operating system we were running made it very hard to do an in-place upgrade of the OS. We've been well aware that a migration to a brand-new server was required, but due to the complexity of some of the sites we run that live on the same server as this forum, I have been putting it off. This breach - which was undoubtedly the result of an automated malicious software scan - is a result of that laziness, and I'll have to hold my hand up to it. :/
On another forum (Atari-forum), the admin has discovered how bad Tapatalk is at abusing the phpBB software. TapaTalk extension breaks some fundamental phpBB API rules. So that admin has completely removed it.

I don't know how up to date the phpBB software is here, but I thought it wise to let everyone know about these problems, so if actions are needed, they can be taken.

Mark


:!: Standby alert :!:
“There are four lights!”
Step up to red alert. Sir, are you absolutely sure? It does mean changing the bulb :!:
Looking forward to summer in Somerset later in the year :)

QL, Falcon, Atari 520STFM, Atari 1040STE, more PC's than I care to count and an assortment of 8 bit micros (Sinclair and Acorn)(nearly forgot the Psion's)
User avatar
vanpeebles
Commissario Pebbli
Posts: 2815
Joined: Sat Nov 20, 2010 7:13 pm
Location: North East UK

Re: Forum security

Post by vanpeebles »

Thank you for the info!


Derek_Stewart
Font of All Knowledge
Posts: 3928
Joined: Mon Dec 20, 2010 11:40 am
Location: Sunny Runcorn, Cheshire, UK

Re: Forum security

Post by Derek_Stewart »

Hi,

Tapatalk is not a good "APP", I never use it on phones or tablets.

It does not give very good flexiblity. In my view, should be blocked.


Regards,

Derek
Post Reply