Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 04 Jan 2009, 01:16
MandarS MandarS is offline
 
Join Date: Dec 2008
Question 3 Simple Questions

Hello Members,

I bought vBulletin 10 days ago. While using i found some errors.

1) Members can't login without www

eg. Login works great - www.sharingbb.com

Members can't login using http://sharingbb.com

2) Plugin Manager page changed

Yesterday i clicked on plugin manager and i found that the page has completely change automatically. First it was different now it is different.

I am posting page screenshot ( Sorry can't provide old page screenshot .. but i am sure you can find out the difference )

Screen shot -


3) Is it possible to hack vBulletin Forum ?

Few days ago i purchased VIP Membership on phpbb forum. There i found some hacking tutorials provided by forum staff members for VIPs!

One of them was How To Hack vBulletin .. I read that article and found that it is very easy to hack nulled vBulletin Board. Then i thought what about licensed ? So just wanted to ask if somebody knows my customer number can they hack my Board ?? or its impossible to hack it ?

And can i remove version details from footer to prevent hackers getting information ?

With warm regards,
Mandar

Last edited by MandarS; 04 Jan 2009 at 01:45.
Reply With Quote
  #2  
Old 04 Jan 2009, 01:23
snakes1100 snakes1100 is offline
 
Join Date: Dec 2001
Real name: Anthony
1. set cookie domain to .yourdomain.com (note the dot in front) that way www. & non www pages keep members logged in.

2. thats the plugin manager, not the product manager page. (If you mean what happened to the left column in that page?)

3. don not ask about nulled vb products., as far as vb being easy to hack, thats untrue, if you want oremove the vb version info, i do not believe thats against the license agreement.
Reply With Quote
  #3  
Old 04 Jan 2009, 01:33
MandarS MandarS is offline
 
Join Date: Dec 2008
thanks for replying sir. By the way can i delete my install folder to protect forum ?

And i asked admins of many large forums that why they are using phpbb . . .They told me that phpbb is used by real webmasters and it is very easy to hack vbulletin . . They also said that they will prefer using IPB instead of vb !

Of course i am big supporter of vb . . . Not going to listen them . . Cheers

Last edited by MandarS; 04 Jan 2009 at 04:23.
Reply With Quote
  #4  
Old 04 Jan 2009, 03:54
glennybee glennybee is offline
 
Join Date: Feb 2008
You can delete the /install folder if you want.
Reply With Quote
  #5  
Old 04 Jan 2009, 04:29
MandarS MandarS is offline
 
Join Date: Dec 2008
okies thanks ! And i was thinking how to set cookies ! from vbulletin options right ? By changing that blank ?
Reply With Quote
  #6  
Old 04 Jan 2009, 04:32
Kirk Y's Avatar
Kirk Y Kirk Y is offline
 
Join Date: Apr 2005
Originally Posted by MandarS View Post
They told me that phpbb is used by real webmasters and it is very easy to hack vbulletin
I think they've got the two switched around.

Nulled vBulletin installations are prone to exploitation because (a) they're most likely running outdated and insecure components and (b) they're nulled! (it's very likely the person who nulled it also put security holes in).

If you're running an up-to-date and legal instance of vBulletin and you're careful as to what modifications (if any) you install, you've got nothing to worry about.
__________________
Former vBulletin.org Staff Member

Please feel free to re-use any of the code in any of my projects submitted to vB.org, so long as original attribution is retained.
Reply With Quote
  #7  
Old 04 Jan 2009, 05:27
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Real name: Hanson
phpBB used to be the holy grail of exploits and hackability. However, the newer versions are likely to be pretty secure.
__________________
Former vBulletin.org Staff Member

View My Modifications
29 Releases and Counting... Latest Modification: dmActivityStream - vBookie Integration (4.x)

Please do not PM me to ask for support - please use the relevant thread or forum.
Reply With Quote
  #8  
Old 04 Jan 2009, 07:13
MandarS MandarS is offline
 
Join Date: Dec 2008
okay thanks a lot ! I am only installing mods from vb.org and one from vbseo .... Thats all ! Also removing / renaming install folder ! Edited .htaccess file any more suggestions ? Thanks
Reply With Quote
  #9  
Old 04 Jan 2009, 07:59
singa singa is offline
 
Join Date: Dec 2008
Interesting discussion going here. I truly hope that this time, hackers can't hack into my board to install some spam bot or whatever they call it. Had SMF but after 16 months hackers were in the drivers' seats and the only thing I could do was watch...

It was a very user friendly board, though. Very good for people with no code/HTML/PHP knowledge like myself.

--------------- Added 04 Jan 2009 at 08:05 ---------------

Originally Posted by snakes1100 View Post
1. set cookie domain to .yourdomain.com (note the dot in front) that way www. & non www pages keep members logged in.

2. thats the plugin manager, not the product manager page. (If you mean what happened to the left column in that page?)

3. don not ask about nulled vb products., as far as vb being easy to hack, thats untrue, if you want oremove the vb version info, i do not believe thats against the license agreement.

Interesting Snakes,

I could use some of your advice as well. Where is the Plugin manager exactly so that I put in that one dot you mentioned? or is it set by default? I had the board installed by a vbulletin tech so things could be alright for me.... or?

Last edited by singa; 04 Jan 2009 at 08:05. Reason: Auto-Merged DoublePost
Reply With Quote
  #10  
Old 04 Jan 2009, 09:12
MandarS MandarS is offline
 
Join Date: Dec 2008
@ singa

Well I dont think hackers can install any spam bot or something on vbulletin board. Its very secure board I have asked some pro hackers to hack my trial board ! Lets see now but i doubt they will succeed !

Installing vbulletin is very easy but if you want you can ask vb tech staff to install it !
Reply With Quote
  #11  
Old 04 Jan 2009, 10:00
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Real name: Hanson
Originally Posted by singa View Post
Where is the Plugin manager exactly so that I put in that one dot you mentioned? or is it set by default? I had the board installed by a vbulletin tech so things could be alright for me.... or?
That setting is located in the Admin CP > vBulletin Options > Cookie Options > Cookie Domain. The Plugin Manager is a completely different thing.
__________________
Former vBulletin.org Staff Member

View My Modifications
29 Releases and Counting... Latest Modification: dmActivityStream - vBookie Integration (4.x)

Please do not PM me to ask for support - please use the relevant thread or forum.
Reply With Quote
  #12  
Old 04 Jan 2009, 10:22
MandarS MandarS is offline
 
Join Date: Dec 2008
Thanks for all the help. You can close this thread Thank you.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 11:46.

Layout Options | Width: Wide Color: