3rd party forum, gallery, blog open sources systems are the targets of these hacker software. The hacker software auto register and then post the porn, gambling etc. info.

In addition to keep these open source system updates with the most current versions or security updates, in addition to use all these built in features such as "virtual confirmation", email address required to activate the account etc.

What else we can do? Basically, I have been doing these and still not good enough to fence off the attacks.

I am thinking, due to these software are usually written to attack these open source systems. If in the registeration process, in addition to the system built in "virtual confirmation", email required to activate account feautures.

If I add some of my own codes as the additioanl confirmation information. Such as add another line of confirmation code (my own codes), this added custom design confirmation field will fence off most hack software specially designed to attack that certain open source system, right?

What is your solution in fencing off these attacks on open source forum, gallery and blog systems?

    I'm sorry, but Whu?? Are you insane?

    Take the two most popular web browsers on the planet, Firefox and Internet Explorer. Which one is more prone to security problems?

    Open source software, because of the large following is generally more secure due to the number of people using them and providing bug fixes and (usually) the bug fixes go through a lot of testing before they are made "live". If you're unsure whether the software you're using is safe, you should see how many other people are using it and maybe talk to one of them, or look for an alternative. You shouldn't need to make any changes to make them safer.

      i think what he's saying is that the open-box forums/blogs/galleries are all similar and if you find a breach in phpBB for example, it will likely be the same on ALL installations of phpBB regardless of what website it is installed in...

      basically, if i built a forum, it would get hacked less than phpBB since phpBB holes have been found already and the auto-register software is meant to be used with phpBB...

      am i explaining myself correctly cuz i re-read it and it sounds like i'm talking myself into circles, lol...

      i don't think he's talking about open-sources versus closed-sources, i think he's talking about custom-built forums versus out-of-the-box forums

      🙂

        I am not talking about open source vs. close source. Also I am not talking about write my own full featured forum.

        Since the most attacks are "auto register and then post porn" attacks. All I want to do is adding one group of my own codes to the original register page of these popular open source, to do one more step my own confirmation in the registering process, to make sure the other end is a person not a hacker software. Due to the most attacks are targeting the open source registering pages, just a few lines of my own codes may stop these attacks written for attacking these registering pages.

          Ahhh, now I understand. The simplest way is to write some kind of captcha script. A lot of forums have plugins that are really good, but I guess that might have the same sort of problems as your above post.

            With the english reading tests that some websites have you would need to make it random some how. As the hacker could just imput the answers for the bot to fill out.

              Just a thought: Would it be a good idea to post a question (What is two + 8) in an image CAPTCHA but require the answer to be put in or would that be to easy to break? Of course the question and answer have to change, no reason to use it otherwise.

                Write a Reply...