|Re: TI forum|
Message #10 Posted by hugh steers on 16 Dec 2005, 2:30 p.m.,
in response to message #1 by Michel Beaulieu
though your intentions are commendable, i feel i should pass on some warnings.
it looks like your forum is (free) hosted for you. scarily, it also looks like its quite an old version of phpBB2 (the bottom page has copyright is 2002). the latest version is 2.0.18 (www.phpbb.com). pretty soon you will be getting spam posted on your forum – in large quantities and also in a few weeks it could be hacked. badly! furthermore they don’t let you take away SQL backups which means you cant make a personal backup or re-host it somewhere else should you need to do so.
i run phpbb2 over at voidware. even though my forum is obscure, i've been getting an alarming increasing amount of spam. i got 3 today. to fix it i deleted the spam and applied a mod to insist that guest posters enter human-readable verification. i also have such a thing on registration. quite often now i am hacking the code directly – and i have the latest version with the old loopholes supposedly plugged! when i get a moment, i'm going to physically remove the mass mail feature so that if it gets compromised (again) it wont spam my members.
phpBB2 is so popular that there are robots to hack it. and robots to log in as a new user and post spam. you must enable the human readable verification to register ASAP or you are in trouble.
up until last month i was lazy and not rigorous about keeping up the the latest version. i simply thought that i didn’t desperately need any new features. my forum (and many others at the same time out there) was hacked by a turk who changed the front page into a picture of a turk with their national anthem blaring out of the speakers. i had to edit the SQL tables directly to fix it. this came about by exploiting a known loophole in an old version.
my cynical mind wonders if these “free” hosters deliberately court such problems once your site has momentum then require payment to fix it. so watch out!
i do think it’s a good idea though!