|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
YAF v1.9.1 FINAL (Dated 9/1/2007)This version is no longer available for download. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson 
|
|
|
Rank: YAF Forumling
Joined: 9/5/2007
Posts: 7
Location: Tübingen, Germany
|
you forgot Intelligencia.UrlRewriter.dll in the BIN distribution ...
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
Oops! I'll fix that immediately. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
Please download again as the .dll is in the distribution now. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
Distributions have been updated with new UrlRewriter.config files to fix the issue with moderated forums. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: YAF Camper
Joined: 8/8/2006
Posts: 16
|
You might want to address the fact that netdevilz.org have hacked forum.yetanotherforum.net, and are currently spamming all members... so much for "Stable and secure enough for a production environment" 
|
|
|
Rank: YAF Lover
Joined: 2/13/2006
Posts: 44
Location: Romania
|
there is a meta tag : <META HTTP-EQUIV="Refresh" CONTENT="0; url=http://netdevilz.org/yet.html">. I think there is missing a check for meta tags.
|
|
|
Rank: YAF Developer
Joined: 1/8/2007
Posts: 1,067
Location: Heart of Europe
|
Quote:so much for "Stable and secure enough for a production environment" It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second. When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
|
|
|
Rank: YAF Camper
Joined: 8/8/2006
Posts: 16
|
Ederon wrote:It's too early to judge. There are few possibilities how this happen - one is bug in YAF, another is stolen/broken identity. My guess it the second. So they stole the main admin account? They must have to fit your theory, since the forums have been renamed as well...
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
I've evaluated the logs. They weren't really trying to be sneaky or anything. They didn't change my password or reset admin account. Still investigating. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
Remember folks: account passwords are hashed. I looked at their access and they only went to the admin_mail section (that's why everyone got e-mails) and modified the one forum ("lol"  . They didn't get e-mail addresses or usernames. That wasn't their goal: They were just here to demonstrate that they hacked the site. Of course, admin passwords have been changed. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: Member
Joined: 4/13/2007
Posts: 10
Location: Moldova
|
Can that happen with any other YAF.NET forum? Hooter girls dig me!
|
|
|
Rank: YAF Developer
Joined: 1/8/2007
Posts: 1,067
Location: Heart of Europe
|
Exiton wrote:Can that happen with any other YAF.NET forum? Yes, as long as you leave out of box machine key setting in web.config as it is. You should always generate your own, so hackers (or any potential attackers) does not have key to your secret chambers. When I post FP:Ederon in a topic, I'm leaving my footprint there so I can track it once I get into coding/supporting.
|
|
|
Rank: YAF Head Dude
Joined: 10/10/2004
Posts: 2,556
Location: Honolulu, HI
|
Exiton wrote:Can that happen with any other YAF.NET forum? Please download and install v1.9.1.1. It fixes a few different security issues. "Alcohol: The cause and solution to all of life's problems." -- Homer Simpson
|
|
|
Rank: Member
Joined: 4/13/2007
Posts: 10
Location: Moldova
|
Upgraded. Thank you. Hooter girls dig me!
|
|
|
|
Guest |
YAFPro Theme Created by Jaben Cargman (Tiny Gecko)Powered by YAF 1.9.3 beta |
YAF © 2003-2008, Yet Another Forum.NETThis page was generated in 0.167 seconds.