Hancoque
Well, I'm not really mad at the person who did it, because the hack just seems to be there to point out security flaws and I believe this to be a major problem of W2S.
PHP-Nuke and phpBB both aren't quite known for their tight security. The only way to counteract hack attempts is to stay up-to-date, which ideally means patching within the same day a security patch comes out. I know it's a lot of work, especially if you have many customizations to maintain, but I would rather do without customizations than to leave a system vulnerable to exploits.
I'm writing this because I believe that the CMS hasn't seen any patches for many months. The PHP-Nuke version here is 5.5 but there's already a version 7.8 available. Both versions 6 and 7 have seen security fixes. That makes it quite likely that version 5.5 has many security issues.
PHP-Nuke and phpBB both aren't quite known for their tight security. The only way to counteract hack attempts is to stay up-to-date, which ideally means patching within the same day a security patch comes out. I know it's a lot of work, especially if you have many customizations to maintain, but I would rather do without customizations than to leave a system vulnerable to exploits.
I'm writing this because I believe that the CMS hasn't seen any patches for many months. The PHP-Nuke version here is 5.5 but there's already a version 7.8 available. Both versions 6 and 7 have seen security fixes. That makes it quite likely that version 5.5 has many security issues.
Participate on our website and join the conversation
You have already an account on our website? Use the link below to login.
Login
Create a new user account. Registration is free and takes only a few seconds.
Register
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
Death Knight
Hey! Site hacked again...
Redirect my home page to it's web site....
It's time to rebuild this site!
Redirect my home page to it's web site....
It's time to rebuild this site!
Hancoque
OP
If you use Firefox there's a nice extension that prevents automatic meta redirections and displays a notice with the redirection link instead: http://www.allesdurcheinander.de/refreshblocker/.
Mike
We'll fix this.
