We need a traffic light!
Post new topic Reply to topic Page 1 of 1
Author


Prolific Collector

Posts: 517
Joined: Oct 03, 2004
Last Visit: Nov 07, 2007
Location: windy south florida

Post Posted: Wed Nov 03, 2004 3:41 pm 
 

I always take a peek at whose on-line to see which of you bums are hanging around here (me being on of those bums as well). I've noticed increasing numbers of guests like today for example there where 18 at one time! Numbers have been steady at around 3-5 at any given time I've looked. It's could most likely be the 30th anniversary, or let's hope it's not those used bookstore clerks looking to shutdown your hopes of an amazing collectors find….. :evil:

MIke 8)

  

User avatar

Prolific Collector

Posts: 772
Joined: Feb 21, 2003
Last Visit: Jun 22, 2018
Location: Spokane, WA

Post Posted: Wed Nov 03, 2004 3:48 pm 
 

There are 10 as of right now. Probably all the Half Price Bookstore chains :evil:


"Ah, you seek meaning? Then listen to the music, not the song."

"I know that you believe that you understood what you think I said, but I am not sure you realize that what you heard is not what I meant."

  


Prolific Collector
Valuation Board

Posts: 682
Joined: Oct 13, 2003
Last Visit: Sep 13, 2019
Location: Denver, CO

Post Posted: Wed Nov 03, 2004 5:44 pm 
 

I believe the anonymous ones are primarily bots, spiders, etc.

Nasty spiderses.  We hates them!
:P

But we are seeing an influx of quality members to the community, due to both 30th and the forum button being on the front page, I believe.  Yay!

  

User avatar

Site Admin

Posts: 2078
Joined: Oct 19, 2002
Last Visit: Jan 24, 2021
Location: Honolulu, HI

Post Posted: Wed Nov 03, 2004 6:22 pm 
 

About 2/3rds of the guests at any given time are spiders -- primarily Google.  If there were a simple modification to make it so the "most users" statistic only reflected registered users, I'd install it -- but I don't think there is.

Foul

  


Long-Winded Collector
Acaeum Donor

Posts: 3066
Joined: Jul 09, 2004
Last Visit: Apr 30, 2015

Post Posted: Thu Nov 04, 2004 8:42 am 
 

FoulFoot wrote:About 2/3rds of the guests at any given time are spiders -- primarily Google.  If there were a simple modification to make it so the "most users" statistic only reflected registered users, I'd install it -- but I don't think there is.

Foul

Interesting and leads me to a question I've been wanting to ask.  What software do you use for the forums?  I've seen very similar styled forums before so I assume it's some common application.

 YIM  


Prolific Collector

Posts: 130
Joined: Oct 06, 2004
Last Visit: Aug 11, 2012
Location: Liestal, Switzerland

Post Posted: Thu Nov 04, 2004 9:29 am 
 

*points to the very bottom of the page*

  


Long-Winded Collector
Acaeum Donor

Posts: 3066
Joined: Jul 09, 2004
Last Visit: Apr 30, 2015

Post Posted: Thu Nov 04, 2004 10:26 am 
 

Jupp wrote:*points to the very bottom of the page*

Thanks.  Missed that.

 YIM  


Prolific Collector

Posts: 130
Joined: Oct 06, 2004
Last Visit: Aug 11, 2012
Location: Liestal, Switzerland

Post Posted: Thu Nov 04, 2004 1:01 pm 
 

We are using the same board system on our site that is run with PHP-Nuke but we are actually thinking about switching to something else since PHP-Nuke and other derivates are very inviting to "unwanted internal visits"  :x  Either we stood on someones toe in the past or the amount of kiddies out there that know how to use script bombs as doubled, trippled, whatever in the past months. So unless you are planning to use php-nuke for a site with a lot of visitors I would think about using something else.

  

User avatar

Site Admin

Posts: 2078
Joined: Oct 19, 2002
Last Visit: Jan 24, 2021
Location: Honolulu, HI

Post Posted: Thu Nov 04, 2004 1:45 pm 
 

The key with using phpBB is to stay on top of the updates.  I learned that the hard way -- got hacked about a year and a half ago, because I was running the version supplied by the web host (which was well out-of-date).  The script kiddies hop from board to board, looking for older versions of phpBB that have known vulnerabilities.

Unfortunately, the vanilla version of phpBB still needs several modifications in order to make it fully functional.  If you're not comfortable editing php files or making SQL queries, I'd suggest you avoid the system entirely.

Should you be hacked, the bottom line is, you have no recourse.  Local & state authorities have no jurisdiction outside their boundaries, and will not bother to work with neighboring jurisdictions to prosecute.  Federal authorities require substantial dollar loss in order to prosecute, and it's tough to prove that the erasure of your non-profit forum represents a financial loss.  I was even able to find out exactly who committed the hack, but was unable to do a thing about it.  And the script kiddies are aware of that.

Foul

  


Prolific Collector

Posts: 130
Joined: Oct 06, 2004
Last Visit: Aug 11, 2012
Location: Liestal, Switzerland

Post Posted: Thu Nov 04, 2004 2:09 pm 
 

True. While we constantly tried to be up to date with the most recent versions of php-nuke that still didnt help much at all. There was a time about 3 or 4 months ago when we were hacked about once every week. The sources of attack were mostly Brasil or Russia so there wasnt much we were able to do except trying to just restore the last weekly backup. Our guy that is the PHP freak in the group throwed the towel about two weeks ago and announced that the next site will be made with something different than PHP-Nuke. About three days ago he told me that he played around with using PostNuke (the PNphpBB looked quite promising as well) but it turned out that the latest version was hacked not too long ago as well. Oh well the only secure computer is a computer that is switched off :)

  


Active Collector

Posts: 55
Joined: May 28, 2004
Last Visit: Oct 17, 2006

Post Posted: Thu Nov 04, 2004 2:12 pm 
 

I just wanted to chime in and say that some of them may be registered users who are not currently logged in (much as I normally am).  I often appear as a guest because I go straight to the forums without loggin in.

As I went to login to post this, I noticed the automatically log in check box.  I don't normally use features such as these but perhaps I should, especially if it will help people sleep better at night  :wink: .

  

User avatar

Site Admin

Posts: 2078
Joined: Oct 19, 2002
Last Visit: Jan 24, 2021
Location: Honolulu, HI

Post Posted: Thu Nov 04, 2004 2:36 pm 
 

As an aside to all this -- there are no known vulnerabilities in the phpBB version currently in use here.  There may be tomorrow, but as of today, we're okay.  I keep a much closer watch on the vulnerability postings than I did.

Using the automatic-login feature is safe, and recommended.  I use it myself.  Most of the previous hacks have involved registered users upgrading their access to administrator, and then doing whatever they like.

As I understand it -- correct me if I'm wrong -- phpNuke is an actual web site system, which often uses phpBB as its forum software.  I noticed the version of phpBB you're using, Jupp, is 2.0.7 -- which has several vulnerabilities.  Unless you're talking about phpNuke itself which is being hacked, which is a separate issue.

Foul

  


Prolific Collector
Acaeum Donor

Posts: 407
Joined: Nov 05, 2002
Last Visit: Dec 30, 2020
Location: Sydney, Australia

Post Posted: Tue Nov 09, 2004 12:09 am 
 

Hey Foul, when you stay on top of the updates, what do you mean?
Is there some url which announces security problems or something?
I'm running 2.0.8 - is that bad?

 WWW  

User avatar

Site Admin

Posts: 2078
Joined: Oct 19, 2002
Last Visit: Jan 24, 2021
Location: Honolulu, HI

Post Posted: Tue Nov 09, 2004 1:58 am 
 

2.0.8 isn't bad... it just isn't as current as the newest version, 2.0.10.  Most of the updates since 2.0.6 have been related to security issues.

I primarily stay abreast of updates at the home web site,  http://www.phpbb.com.  I particularly look for people warning about any exploits -- in the last two months, there haven't been any.

Foul

  
Post new topic Reply to topic Page 1 of 1