Welcome to all phpBB2 Refugees!This site is intended to continue support for the legacy 2.x line of the phpBB2 bulletin board package. If you are a fan of phpBB2, please, by all means register, post, and help us out by offering your suggestions. We are primarily a community and support network. Our secondary goal is to provide a phpBB2 MOD Author and Styles area.
Posted: Thu Jul 16, 2009 5:47 am Post subject: Hi Community
Hi phpbb2 Refugees
Nice to find a forum to discuss the good old phpbb2
My forum was hacked some days ago, but luckywise the guy was friendly enough to tell me about my security issue. I didn't have a htaccess file to protect my config.php.
So, since i have fixed that issue, i was wondering if there may be some other security issues i might not know about.
Basically i have a phpbb 2.0.23 forum with the following mods: ez_portal ; EasyMOD 0.3.0 ; UploadPic 1.3.7 ; Calenderfunction v.x? ; Birthday 1.6.1
Anyone of you guys can give me a direction weather there are some known security issues with the forum and/or one of those mods known?
Are there some furthermore basic directives on how to make my forum more secure? My htacces now locks config.php, common.php as the folders: db, includes, languages - i didn't lock the admin folder, since i can not open the ACP then. Should i still lock it?
thanks for all your advice ...
//Edit: I have read about the session hijacking problem. But since guests can't post pictures in my forum that shouldn't be a problem for me then?