MyBB Community Forums

Full Version: Too many bugs in my forum.
I just tested my forum for bugs and look what I found, guys:
[Image: 2jfkr2q.jpg]
Hmm, what is the scanner that you have used?
(2014-08-22, 05:26 PM) .m. Wrote: Hmm, what is the scanner that you have used?

+ what version of MyBB and can you list any plugins you've got installed?

Does the scan give any more details you can provide?
You won't get hacked. I can pretty much guarantee that these will be false positives; these sorts of scan results always are. Does it actually give you any URLs or say why it thought it failed?
If you have plugins installed, it's also possible that vulnerabilities reported may be from the plugins. MyBB itself is fairly secure these days.
Guys, I used https://ovs.acunetix.com to scan my forum.
My plugins, I am 100% sure, aren't out of date and don't have vulnerabilities.
I use the latest version of MyBB also.
I haven't published my forum yet, so I don't know how those errors are showing.
All I am trying to do is secure my forum from SQL injections and exploits; my AdminCP is 100% sure.
So if anyone can fix those by TeamViewer, please reply :) Thanks for your help, guys.
(2014-06-23, 06:25 PM) Nathan Malcolm Wrote:
(2014-06-23, 04:39 PM) JukEboX Wrote: This is a clean install and upgrade from 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.

Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.

Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.
(2014-08-22, 09:20 PM) Rymax99 Wrote:
(2014-06-23, 06:25 PM) Nathan Malcolm Wrote:
(2014-06-23, 04:39 PM) JukEboX Wrote: This is a clean install and upgrade from 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.

Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.

Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.
Dear user, thanks for your answer, but can you come onto my PC via TeamViewer to
install this PHP Web Firewall? Maybe this would be very helpful for me!
(2014-08-22, 09:20 PM) Rymax99 Wrote:
(2014-06-23, 06:25 PM) Nathan Malcolm Wrote:
(2014-06-23, 04:39 PM) JukEboX Wrote: This is a clean install and upgrade from 1.6.10 - 1.6.13. Why would it come up in the scan if it was secure then.

Because it's not a human. I advise you don't use these scanners if you can't appropriately interpret the results. They're meant to assist with security research, not give you a definite answer to whether something is secure or not.

Also, if you're using a scanner to figure out how your forum was attacked with SQL injection, you can't be sure that it was SQL injection. Check your server logs and look for evidence.

You took the words out of my mouth. ;)

But in all seriousness, you should just create your forum and follow basic security practices. Given enough time you are going to get hacked one way or another. You just need to learn from the experience.
Yeah, I followed those tips, but I think I should add this PHP Firewall Web so it can automatically detect
DDoS attacks and people that are trying to access my directory.