2014-08-22, 05:22 PM
Pages: 1 2
2014-08-22, 05:26 PM
hmm., what is the scanner that you have used ?
2014-08-22, 06:36 PM
(2014-08-22, 05:26 PM).m. Wrote: [ -> ]hmm., what is the scanner that you have used ?
+ what version of MyBB and can you list any plugins you've got installed?
Does the scan give anymore details you can provide?
2014-08-22, 06:37 PM
You won't get hacked, I can pretty much guarantee that these will be false positives, these sorts of scan results always are. Does it actually give you any URLs or say why it thought it failed?
2014-08-22, 06:42 PM
If you have plugins installed, it's also possible that vulnerabilities reported may be from the plugins. MyBB itself is fairly secure these days.
2014-08-22, 08:45 PM
Guys i used https://ovs.acunetix.com ,to scan my forum .
My plugins i am 100 %, sure that aren't out of date or the plugins have vulnerabilities .
I Use latest version of MyBB also
I didn't published my forum yet, so i don't know how those errors are showing.
All i am trying to do is to secure my forum from sql injections and exploits, my AdminCP is 100 % sure.
So if anyone can fix those by teamviewer , please reply , thanks for your helps guys .
My plugins i am 100 %, sure that aren't out of date or the plugins have vulnerabilities .
I Use latest version of MyBB also
I didn't published my forum yet, so i don't know how those errors are showing.
All i am trying to do is to secure my forum from sql injections and exploits, my AdminCP is 100 % sure.
So if anyone can fix those by teamviewer , please reply , thanks for your helps guys .
2014-08-22, 09:20 PM
(2014-06-23, 06:25 PM)Nathan Malcolm Wrote: [ -> ](2014-06-23, 04:39 PM)JukEboX Wrote: [ -> ]This is a clean install and upgrade form 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.
Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.
Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.
2014-08-22, 09:26 PM
(2014-08-22, 09:20 PM)Rymax99 Wrote: [ -> ]Dear user thanks for your answer, but can you come in my PC via Teamviewer to(2014-06-23, 06:25 PM)Nathan Malcolm Wrote: [ -> ](2014-06-23, 04:39 PM)JukEboX Wrote: [ -> ]This is a clean install and upgrade form 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.
Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.
Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.
install this PHP Web Firewall , maybe this would be very helpful for me !?
2014-08-22, 09:46 PM
(2014-08-22, 09:20 PM)Rymax99 Wrote: [ -> ](2014-06-23, 06:25 PM)Nathan Malcolm Wrote: [ -> ](2014-06-23, 04:39 PM)JukEboX Wrote: [ -> ]This is a clean install and upgrade form 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.
Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.
Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.
You took the words out of my mouth.
But in all seriousness, you should just create your forum and follow basic security practices. Given enough time you are going to get hacked one way or another. You just need to learn from the experience.
2014-08-22, 10:24 PM
Yeah i did those tips, but this PHP Firewall Web, i think i should add so he can automatically detect
Ddos attacks and people that are trying to acces in my directory .
Ddos attacks and people that are trying to acces in my directory .
Pages: 1 2