Jump to content
Sign in to follow this  
MacMuffin

Today's forum outage explained

Recommended Posts

MacMuffin

Hi all,

 

you will have noticed a brief forum outage today from around 10am. We received a report from a user who posted a video on Youtube (link here: youtube.com/watch?v=uGPo0Ur6YXg) which required us to take the necessary precautionary measures to shut down the forum to investigate the issue.

 

We found that a forum plugin (VBSEO) which is responsible for prettifying URLs for Google and other search-engines carried a vulnerability which allowed an attacker to display advertising pages to users coming to the forum from search engines. The sole purpose of that exploit was for the attacker to generate advertising revenue from users visiting from search engines.

 

We have rebuild our forum server and removed the problematic forum plugin to avoid the issue from re-occuring.

 

The regular bobbers will know, that our forum runs independent from our transactional marketplace and today's incident has not compromised any user- or transactional information.

 

If you have any further questions, please post them here or contact our customer support team.

Share this post


Link to post
Share on other sites
JohnBenn

Hi

Is it possible that you can change the password settings?, I have to use the same password for both my selling page and the forum.

It would be great if I could use two different ones. Thanks.

Share this post


Link to post
Share on other sites
MacMuffin
Hi

Is it possible that you can change the password settings?, I have to use the same password for both my selling page and the forum.

It would be great if I could use two different ones. Thanks.

 

It is unfortunately not possible to have different passwords between forum and main website. We use "salted passwords" and hash the passwords as well in our systems. This mechanism is based on best practises and it is impossible to extract the original password with the use of a salt and one-way hashing.

Share this post


Link to post
Share on other sites
JohnBenn

Alright, Thanks.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×