|
|
 Rank: YAF Head Dude  Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
YAF v1.9.1 FINAL (Dated 9/1/2007)This version is no longer available for download. "When you are grateful, fear disappears and abundance appears”." 
|
|
|
|
|
|
|
|
 Rank: YAF Forumling Joined: 9/5/2007 Posts: 7 Location: Tübingen, Germany
|
you forgot Intelligencia.UrlRewriter.dll in the BIN distribution ...
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
Oops! I'll fix that immediately. "When you are grateful, fear disappears and abundance appears”."
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
Please download again as the .dll is in the distribution now. "When you are grateful, fear disappears and abundance appears”."
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
Distributions have been updated with new UrlRewriter.config files to fix the issue with moderated forums. "When you are grateful, fear disappears and abundance appears”."
|
|
|
|
Rank: Advanced Member
Joined: 8/8/2006
Posts: 33
|
You might want to address the fact that netdevilz.org have hacked forum.yetanotherforum.net, and are currently spamming all members... so much for "Stable and secure enough for a production environment" 
|
|
|
 Rank: YAF Lover  Joined: 2/13/2006 Posts: 44 Location: Romania
|
there is a meta tag : <META HTTP-EQUIV="Refresh" CONTENT="0; url=http://netdevilz.org/yet.html">. I think there is missing a check for meta tags.
|
|
|
 Rank: YAF Developer  Joined: 1/8/2007 Posts: 1,122 Location: Heart of Europe
|
Quote:so much for "Stable and secure enough for a production environment" It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second. When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
|
|
|
|
Rank: Advanced Member
Joined: 8/8/2006
Posts: 33
|
Ederon wrote:It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second. So they stole the main admin account? They must have to fit your theory, since the forums have been renamed as well...
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
I've evaluated the logs. They weren't really trying to be sneaky or anything. They didn't change my password or reset admin account. Still investigating. "When you are grateful, fear disappears and abundance appears”."
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
Remember folks: account passwords are hashed. I looked at their access and they only went to the admin_mail section (that's why everyone got e-mails) and modified the one forum ("lol"  . They didn't get e-mail addresses or usernames. That wasn't their goal: They were just here to demonstrate that they hacked the site. Of course, admin passwords have been changed. "When you are grateful, fear disappears and abundance appears”."
|
|
|
Rank: Member  Joined: 4/13/2007 Posts: 10 Location: Moldova
|
Can that happen with any other YAF.NET forum? Hooter girls dig me!
|
|
|
Rank: YAF Developer Joined: 1/8/2007 Posts: 1,122 Location: Heart of Europe
|
Exiton wrote:Can that happen with any other YAF.NET forum? Yes, as long as you leave out of box machine key setting in web.config as it is. You should always generate your own, so hackers (or any potential attackers) does not have key to your secret chambers. When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
|
|
|
Rank: YAF Head Dude Joined: 10/10/2004 Posts: 3,291 Location: Honolulu, HI
|
Exiton wrote:Can that happen with any other YAF.NET forum? Please download and install v1.9.1.1. It fixes a few different security issues. "When you are grateful, fear disappears and abundance appears”."
|
|
|
Rank: Member Joined: 4/13/2007 Posts: 10 Location: Moldova
|
Upgraded. Thank you. Hooter girls dig me!
|
|
|
| Users browsing this topic |
|
Guest
|