Support Forums - All Posts - XOOPS Web Application System

31

Re: Aston Themes Hacked ?

2005/7/12 16:22
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

Quote:

Mithrandir wrote:
Except for the fact that sending 20000 emails is a bit beyond what the XOOPS core mailing can handle?

It is purely a practical problem, not because we don't want to.

It is true that the XOOPS mailingsystem is unable to handle such a great a amount of e-mails (something that _should_ be fixed, invisionboard is able to do something like that, using the bcc field) but other e-mail management software is able to manage such amount of e-mails (qmail?).

As I remember last e-mail to all members, it was done through a seperated e-mail system, were the members were added to, can't this be done again?

Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

32

Re: Aston Themes Hacked ?

2005/7/11 17:54
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

Quote:

m0nty wrote:
now u know why i claimed autologins to be not 100% secure, and that an exception oughta be included in it to stop admins being able to use autologin at all.

Sorry, I think that what you are saying is (partly) incorrect. Mith is _not_ saying that autologin is insecure (it might, but he is not telling it) but that the combination of the hole in the XML-RPC interface, wich will result in being able to obtain the md5 hash of your password, and the autologin hack will make your XOOPS installation insecure...

And since autologin hacks mostly (if not all) safe the hash of your password and username in a cookie, the hackers will be able to login by simply modifying a cookie.

Correct me if I'm wrong.

Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

33

Re: Aston Themes Hacked ?

2005/7/11 16:19
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

A lot of people use XOOPS without actually checking the XOOPS.org site daily. Those people still don't know about the update (if you check mainsite, you see nothing that actually says you might have to upgrade)...

Why not a mass mailing to all members (as done before), but this time without the mass of returns to all members

.

Grtz, Jan

Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

34

Re: Sign Herko's wedding guestbook :-)

2005/7/9 13:27
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

Congrats Herko and Sandra (sorry I'm late with this message

).

And I must say, nice way of doing a proposal

Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

35

Re: Shoutbox Problems on Plusnet

2005/6/28 14:17
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

Make sure the folder shoutbox in the folder uploads exists. When I checked your folder structure I saw that the uploads map did not exist.

If you created those two maps, create the file shout.cvs and chmod 777.

Oracle: I'd ask you to sit down, but, you're not going to anyway. And don't worry about the vase.
Neo: What vase?
[Neo turns to look for a vase, and as he does, he knocks over a vase of flowers, which shatters on the floor.]
Oracle: That vase.
Neo:...

36

Re: Upgrading my server. What specs to look for?

2005/6/14 10:28
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

If you really got that much visitors, I think in long term thinking it is a _lot_ cheaper to buy an own server and try to find a nearby datacenter to place your server. It is cheaper and you have full control over your server.

You might want to consider that option.

37

Re: PM Module?

2005/6/4 18:52
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

There are some hacks available, but not a real module. This is only exists as from XOOPS 2.1.

You will need be happy with the build in system for now, or try the hacks (own risc).

38

Re: About Shoutbox 3.0 Final adjusting the width of the smiliey

2005/5/14 12:15
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

You can set how many smilies should be showed in the form itself instead of 'More...':
Administration Menu - System Admin - Smilies - "Display in form?"

This will also effect other modules like newbb and the comment system.

39

Re: What actually is DoS attack ?

2005/5/6 12:57
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

True Brash.

More information about DoS attacks:
http://en.wikipedia.org/wiki/Denial-of-service_attack

40

Re: What actually is DoS attack ?

2005/5/4 22:17
Jan304
Official Support Member
Posts: 520
Since: 2002/3/31

I do not think (I have to be carefull with what I say, or GIJOE...) that the protector module actually helps against really large (read normal) DoS attacks.

Most DoS attacks just rely on the fact that servers will get overloaded with data and the server won't got any time left to respond on legal requests.

As far as I remember the protector module it uses the built in XOOPS IP ban system so that XOOPS no longer provides data to those IP's. However, still each requests of that attack is being parsed (Apache reads request; php loaded; XOOPS loaded; XOOPS loads MySQL database; XOOPS reads settings in database -> notice IP is blocked, blocks output, exit() command executed; Apache responds with empty page)

So, despite of the fact it might slow down a large attack a moment, it won't really help. Apache still responds to those requests and that should not happen. In my eye's, unless you are running a hosting company you don't have to worry about DoS-attacks. Your hosting provider should block them on server level.

Ofcourse this is just one feature of the protector module, I prefer not to discuss other functions

.

Stats
Goal:	$100.00
Due Date:	Apr 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

Re: Aston Themes Hacked ?

Re: Aston Themes Hacked ?

Re: Aston Themes Hacked ?

Re: Sign Herko's wedding guestbook :-)

Re: Shoutbox Problems on Plusnet

Re: Upgrading my server. What specs to look for?

Re: PM Module?

Re: About Shoutbox 3.0 Final adjusting the width of the smiliey

Re: What actually is DoS attack ?

Re: What actually is DoS attack ?

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}