»How to protect your phpBB forum against hackers«

Sippenhaft:

Is the 2.0.17 patch gonna be similar to this? i.e. dealing with the cookie issue?

It's gonna deal with some cookie issues, so I thought it's better to update my Tip #5. The old tip #5 was already good, but this one protects you more.

posted by knn

in-my-opinion.org -> Technology, Computers, Science, Internet -> Software by the admin -> How to protect your phpBB forum against hackers

Tip 5 change again? Or Not?

I saw the new posted Tip you have, as I was looking at the tips I saw tip 5 is different again?

To add this mod to your phpBB do the following: • Open in "includes/sessions.php" • Find if ( $auto_create ) { • Add after: @include_once('allowedadminipsforautologin.php'); if (!allow_autologin_based_on_ips($userdata,$user_ip)) { unset($sessiondata['autologinid']); } • Edit "allowedadminipsforautologin.php" to add your allowed admin IPs • You can also edit "allowedadminipsforautologin.php" to set whether you want a strict IP check for users (= non admins) or a loose one • Upload into the "includes/" folder the attached file (see below) "allowedadminipsforautologin.php".

Just the other day it said :

To add this mod to your phpBB do the following: • Open in "includes/sessions.php" • Find if ( $auto_create ) { • Add after: @include_once('allowedadminipsforautologin.php'); if (!allow_autologin_based_on_ips($userdata,$user_ip)) { $auto_login_key = 'xyz'; // Set password to something it could never be } • Upload into the "includes/" folder the attached file (see below) "allowedadminipsforautologin.php".

which code should i be using?

posted by Sippenhaft

Rebellion is the only way to reform!

Question on Tip 14

Is this fixed now in version 2.0.17 or are you saying this shoudl still be changed with the code you provided...sorry the

Quote:

...Actually the above [ url ] handling (prior to 2.0.17)...

got me confused. I learned something new, I guess

posted by Sippenhaft

Sippenhaft:

which code should i be using?

You can use either one. I just changed 1 line to make it less confusing.

Just make sure you download the new 1.2.0 version. I will release another phpbb update soon that will help you to protect your forum if some cookies/passwords have been already spied out.

posted by knn

ebooks-download.com

Re: Question on Tip 14

Sippenhaft:

Is this fixed now in version 2.0.17 or are you saying this shoudl still be changed with the code you provided...sorry the

Quote:

...Actually the above [ url ] handling (prior to 2.0.17)...

got me confused. I learned something new, I guess

I reworded Tip 14. Thanks for supporting me by pointing out what is confusing Thumb Up

posted by knn

No Problem

Quote:

Thanks for supporting me by pointing out what is confusing

NP, just wanted to clarify before I did something to fubar my forums!
(note: I now have version 1.2 US prisoner

)

stop by sometime forums.dasrebellion.com...

posted by Sippenhaft

newbie:

I did exactly as you say and I get this error

Warning: Cannot modify header information - headers already sent by (output started at /home/.love/antonio/myforum.com/forum/config.php:21) in /home/.love/antonio/myforum.com/forum/includes/sessions.php on line 200
etc.

I found out the reason now: You have to make sure that in the last line (which contains "?>") there is no blank space ("?> ", note the space after the ">")

posted by knn

The following post has been deemed OFFTOPIC. Do not answer it and do not quote from it or from parts of it. The reporter (knn) said: "Offtopic"

i know this isnt on topic...But i have some problems here. I have 1 skin set i have, and a few mods, but i don't know php, and the mods/skins don't seem to work together...I was wondering if anyone could help me? And on the topic of attacking people, I support all sides. People could easily keep themselves safe if they were smart...So, I say, yes, most of your ideas are crap, but still, that's opinion...and some ideas are good...
VHDeath

posted by vhdeath

vhdeath:

But i have some problems here. I have 1 skin set i have, and a few mods, but i don't know php, and the mods/skins don't seem to work together...I was wondering if anyone could help me? And on the topic of attacking people, I support all sides. People could easily keep themselves safe if they were smart...So, I say, yes, most of your ideas are crap

How can you say my ideas are crap if you don't even know php? Nono

posted by knn

SOME ideas. Like changing passwords, and etc.

posted by VHDeath

The following post has been deemed OFFTOPIC. Do not answer it and do not quote from it or from parts of it. The reporter (knn) said: "Offtopic"

php is a toy language for kids.

posted by holy_of_holies

Yeah, i just don't write it. I can read it though...I just don't have time to write it. I can read nearly any language thrown at me, but it takes me a while to learn towrite em.

posted by VHDeath

VHDeath:

SOME ideas. Like changing passwords, and etc.

What the heck? Where did I propose to change passwords? In fact I stood up against this idea.

posted by knn

The following post has been deemed OFFTOPIC. Do not answer it and do not quote from it or from parts of it. The reporter (knn) said: "Offtopic"

eh, Oh well. Some Ideas i still did not like much. But, it does not matter...Now, on the question I asked...Can anyone help me? I really kinda want a reward for reading 10 pages of stuff.

posted by VHDeath

TO: Can Read but Can't Write

Did you ever think to start your own thread ASKING the question you had in mind instead of hijacking a thread some people like? Faster than height

(sorry for posting KNN but I am in a mood today and this sent me over... Silly and stupid, that's how I feel

)

posted by Sippenhaft

Goto page Previous
1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 Next

The time now is 6 July 2008, 04:17
php B.B.