question for MODS... forum security

r055 · Post by **r055** » Fri Dec 15, 2006 11:57 pm

i know its been briefly mentioned before, but are there any plans to increase the security of the forum from non-members? Even if just a secured category!

Only reason i'm asking is that anything that is posted on SE2 is open to the WWW, whereas the SE1 site is blocked completely to the outside world unless you can remember your user/password details...

Post by **simon** » Sat Dec 16, 2006 1:07 am

It's been discussed greatly before and the way it is now is what was decided by the majority at the time. Don't see any need to change it myself.

mac · Post by **mac** » Sat Dec 16, 2006 10:11 am

And the Meet's section is only available to members.

Mac

Rich H · Post by **Rich H** » Sat Dec 16, 2006 10:28 am

The way we are now is a much more friendly way of doing things IMHO. Although some discussions are removed to the meets section for the extra security, as a couple of our recent members (Online casino and a leisure firm) have shown the security offered to a free forum is pretty scant anyway.

~ ~ Cal ~ ~ · Post by **~ ~ Cal ~ ~** » Sat Dec 16, 2006 11:03 am

I think the way this forum is set up you have friendly eyes watching almost 24 hrs. Even when mods are not online someone will likely have their phone number ( or access to...) should any mishaps occur.

Things start getting harder when you have 1000 + users, whereas we're at 413 just now so it's less of an issue.....

It also about being sensible i.e don't publish anything that is too sensitive and also dont put your email in here as madfurloti@hotmail.com and instead use madfurlotiAThotmailDOTcom

Other than that i think it's relatively secure in here...........if someone is determined to cause havoc or commit some sort of cyber crime they will always find a way regardless

Cal

p.s I made up that e-mail address - someone, somewhere, likely has it though

r055 · Post by **r055** » Sat Dec 16, 2006 11:54 am

whats the reason for the email configuration?
is that to stop automated spam thingys from picking it up?

\non-technical speak faction!

mac · Post by **mac** » Sat Dec 16, 2006 12:00 pm

wonder if PHPBB have a mod to hinder access of these bot things. The kind of thing where you have to type a code in when registering.

Other than that - I couldn't agree more with Cal. There's normally someone kicking around that can get in touch with a mod relativily quickly or who will post up if they think a thread should be altered/amended.

Cheers

Mac

Post by **pete** » Sat Dec 16, 2006 12:09 pm

I wonder if the dramatic increase I've had in spam over the last few months could be bots farming my address off here?
The address I use here is the one I normally give outto friends, most websites I use the one my ISP gives me...

P

~ ~ Cal ~ ~ · Post by **~ ~ Cal ~ ~** » Sat Dec 16, 2006 12:22 pm

Pete - I have suffered a MASSIVE amount of spam at work and home. I think there is some sort of renewed global wave of spam cos everyone's getting nailed just now

kenny · Post by **kenny** » Sat Dec 16, 2006 12:59 pm

mac wrote:wonder if PHPBB have a mod to hinder access of these bot things. The kind of thing where you have to type a code in when registering

There is, but it still doesnt prevent all spam registrations.

mac · Post by **mac** » Sat Dec 16, 2006 1:07 pm

kenny wrote:
mac wrote:wonder if PHPBB have a mod to hinder access of these bot things. The kind of thing where you have to type a code in when registering
There is, but it still doesnt prevent all spam registrations.

Mac

kenny · Post by **kenny** » Sat Dec 16, 2006 5:32 pm

Post by **ironside** » Sun Dec 17, 2006 12:04 am

mac wrote:wonder if PHPBB have a mod to hinder access of these bot things. The kind of thing where you have to type a code in when registering.

It's there by default, I disabled it for some reason because someone was having difficulty registering.

I'll turn it on again just now and remind myself why and then probably disable it again.

Post by **ironside** » Sun Dec 17, 2006 12:13 am

Yeh, the confirmation code doesn't actually appear.

I didn't realise this is actually a mod and not part of the base package, so thanks for pointing that out Kenny. This is probably why it doesn't work. Our freeyabb ported database will have the configuration bits still in it but there aren't any of the files for the mod on the server.

I'll check that out . . .

Post by **ironside** » Sun Dec 17, 2006 4:06 am

No, it's only a mod in earlier versions of phpBB. It's standard in the version we use (latest, stable) and also broken in our installation for some reason. I've tried 3 other third party mods for adding visual confirmation and none of those work either - same thing, no image displayed.

If spam bots become a real problem and/or people care a lot about this I will put more effort into finding out what's wrong.

In the meantime I've installed the Super Quick Reply mod to distract you all from the fact that Visual Confirmation Codes don't work. Enjoy!