HomeHidden Topics not exactly Hidden
Page 1 of 1
Hidden Topics not exactly Hidden
by Fighter Control February 21st 2009, 9:35 pm
Hi.
There seems to be a bit of a security issue.
On my forum, I set up an area that was hidden from members and guests and only viewable by the forums moderators and Admin.
My forum was originally on phpbb2 and then I updated it to phpbb3.
However a post was made by a normal member stating that he had written some code that could view the titles of the hidden topics of our hidden area.
And had posted a screen dump.
Naturally one of the moderators of my forum acted and removed the post and I was alerted and had to immediately delete the hidden area.
It seems that it is possible to modify a TOPICS ANYWHERE hack and insert the main index of the forum name and it will list all the topics including the hidden topics.
Therefore I have had change over to one of the other forum software and setup new skins.
There seems to be a bit of a security issue.
On my forum, I set up an area that was hidden from members and guests and only viewable by the forums moderators and Admin.
My forum was originally on phpbb2 and then I updated it to phpbb3.
However a post was made by a normal member stating that he had written some code that could view the titles of the hidden topics of our hidden area.
And had posted a screen dump.
Naturally one of the moderators of my forum acted and removed the post and I was alerted and had to immediately delete the hidden area.
It seems that it is possible to modify a TOPICS ANYWHERE hack and insert the main index of the forum name and it will list all the topics including the hidden topics.
Therefore I have had change over to one of the other forum software and setup new skins.
Fighter Control- New Member
- Posts : 3
Reputation : 0
Language : English
Re: Hidden Topics not exactly Hidden
by Fighter Control February 21st 2009, 10:12 pm
One of my members works for a large IT security consultancy, and states is it possible for ALL free forum admins to have access to ROBOTS.txt so we can make sure that the web bots such as Yahoo, MSN, Google et al are restricted in to what they can access.
Fighter Control- New Member
- Posts : 3
Reputation : 0
Language : English
Similar topics» howto stop the Latest topics showing posts in hidden topics ?
» How do I create different hidden forums for different hidden groups?
» Can members view the forum, open topics but not read the topics?
» how do i add a dropdown menu on new latest topics to display the number of topics shown
» How to load up a forum with topics & stay off the scrolling latest topics list
» How do I create different hidden forums for different hidden groups?
» Can members view the forum, open topics but not read the topics?
» how do i add a dropdown menu on new latest topics to display the number of topics shown
» How to load up a forum with topics & stay off the scrolling latest topics list
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Facebook
Twitter
Pinterest
Youtube
