1
fredgsanford
Removing xoop's copyright/powered by link?

Are we allowed to do this? ..I have never done this before, but my last XOOPS site was hacked and somebody told me that the hackers are finding our XOOPS sites by tracking that "powered by xoops" link. I would like to remove it and put an image link there instead linking back to xoops.

Thanks

2
mboyden
Re: Removing xoop's copyright/powered by link?
  • 2008/1/10 23:20

  • mboyden

  • Moderator

  • Posts: 484

  • Since: 2005/3/9 1


Sometimes it's in the active theme, so you'll need to look in /themes//theme.html. Also, it's in the Site Preferences in the General Settings in the System Admin module.
Pessimists see difficulty in opportunity; Optimists see opportunity in difficulty. --W Churchill

XOOPS: Latest | Debug | Hosting and Web Development

3
StevenB
Re: Removing xoop's copyright/powered by link?
  • 2008/1/13 1:26

  • StevenB

  • Just popping in

  • Posts: 61

  • Since: 2006/9/3 2


Hello,

Quote:
Are we allowed to do this?


My understanding is, Yes you can remove the link.

Quote:
somebody told me that the hackers are finding our XOOPS sites by tracking that "powered by xoops" link


If you put a image link it's still a link but I don't really believe that's what caused your hack.

If it was a vulnerability in XOOPS it more than likely came from a bot that searches all websites for vulnerability, but I don't believe that was your issue either.

It could have been an issue with a third party module but if it came from a seasoned programmer it would have been posted up to other programmers before it was released 1.0+ and would have been tested well before a stable release.

More than likely it was a vulnerability produced on another website if you are hosted on a shared server without some type of firewall or some other code on your site.

I have experience on this topic as I was seriously hacked once and it completely took out seven sites of mine. I had the same reaction as you but ultimately (with a great deal of help from the host) we discovered that it was test site that I thought nobody could access, with some poor code, that actually caused the problem.

Just "food for thought" but in my opinion you are looking in the wrong direction. I suggest VPS, developing locally, and only using stable module releases.

Good Luck,

Steve

Login

Who's Online

365 user(s) are online (276 user(s) are browsing Support Forums)


Members: 0


Guests: 365


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits