Hello,

I need someone to make my phpBB2 forum hacker proof. This is an old version of phpBB2 and I can NOT upgrade because it has way too many mods installed as well as an integration with @mail (calacode.com) so I don't think that should be the way to go but I am open to suggestions anyway.

If you are interested please let me know how much you would charge me for it by emailing me/answering to this topic or pm me. Any way you like but please be fast!

Thank you.

Rob

Have you read the thread at the phpbb forums on the one line to change in your code to fix this issue? phpbb.com is down at the moment but it literally takes 20 seconds. Once its back up I suggest you go read that thread or there is probably even one discussed here at WHT somwhere.

phpbb lost all their info. it was hacked

might be a totally useless post,

but that is quite ironic.....



(damned hackers)

Originally posted by albc15
phpbb lost all their info. it was hacked

Actually They Didnt, They do have database backup(s).

As for the answer(s) for this post

Open Viewtopic.php and find //
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));

for($i = 0; $i < sizeof($words); $i++)
{


and Replace with

//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));

for($i = 0; $i < sizeof($words); $i++)
{

Thank you all for your answers!!

Just so everyone knows they weren't really hacked just defaced and the ironic part of that... The 'hackers' came in through a security hole in awstats.

Do as nomad438 said... It will be abit better..

By the way, dear user, there is no hacker proof system in this world...

hehehe.... Yeah... that I know. Was just a way to "define it" ;-)