• Tired of adverts on RWI? - Subscribe by clicking HERE and PMing Trailboss for instructions and they will magically go away!

FORUM SECURITY

Sys

Looking Around
24/9/19
4
1
0
I don't know who is the admin of this site but because of recent vbulletin 5 severe security issue most of the vb5 based sites have been compromised by attacking bots .. even the new security patch doesn't close the other possible doors ..

make sure you have this inside your php.ini
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,c url_exec,curl_multi_exec,parse_ini_file,show_source

it limits the generic shell scripts I am switching to Xenforo .. fuck vb
 
Last edited:
  • Like
Reactions: rj999

Raddave

Most Delicious of all Nipples!
Staff member
Global Moderator
Administrator
Certified
24/12/11
66,114
17,070
113
Yeah ive alerted tech/admin guys TY
 

Glaude

Tech Admin
Staff member
Administrator
11/8/17
6,755
5,364
113
We were safely patched against this VB vulnerability even before it was announced.
Luckily for us because the VB team wasn't exactly quick in their answer.

I can't agree more on your last sentence, F'em but appart from this vulnerability, the current version of VB is secure

Thanks for the heads up anyway
 

csthe

I'm Pretty Popular
16/3/13
1,056
377
0
AFAIK the WAF (cloudflare in this case) should prevent known attacks as well...
The main risk for RWI is a new ap 15400 gen thickness that will create a debate on the AP forum and will lead to new world war.. IMO... :)
 
  • Like
Reactions: Tompa and Glaude

Sys

Looking Around
24/9/19
4
1
0
AFAIK the WAF (cloudflare in this case) should prevent known attacks as well...
The main risk for RWI is a new ap 15400 gen thickness that will create a debate on the AP forum and will lead to new world war.. IMO... :)

the bug is public is different than what hacker use .. cloudflare even the paid level can't block file upload through that bug ..
 

DR3M3L

TECHMIN
Advisor
27/10/14
4,775
98
48
the bug is public is different than what hacker use .. cloudflare even the paid level can't block file upload through that bug ..

Most of the time does using a WAF..
 

Raddave

Most Delicious of all Nipples!
Staff member
Global Moderator
Administrator
Certified
24/12/11
66,114
17,070
113