Support Forum

manarak

have a look at the last posts in the support forum about all those hacked sites and reconsider the proposal for a security / hack relief forum?

*I* would expect such a forum on pnphpbb.com

-----
"He is not dangerous, he just wants to play...."

Quote

*I* would expect such a forum on pnphpbb.com

So you are saying that PNphpBB2 should have a security forum for all secuirty issues in PostNuke. Like the bbcode issue with pnForum, the xmlrpc issue and so on. I assume you mean this or perhaps you are just being a smart ass.

I was refering to the security issues in PNphpBB that lead to compromised PN installations. pn_bbcode is also not a core file although it is distributed in .761. BTW, you can use it without pnForum too.

And please, watch the smilie, again:

Frank

-----
"He is not dangerous, he just wants to play...."

Well if people would keep their installations updated then that would solve the secuirty issues but then short of having the code expire or something, not much way that you can make people do that. I still see installs of PNphpBB2 around using the alpha version thats 3 or 4 years old.

[quote=larsneo]

Quote

server stuff is usually beyond the scope of any application forum - there are definitly better places to discuss this kind of stuff...

i consider PN as one of the safer CMS available, after some very bad experiences that lead me to it in the first place. but due to this experiences i also try to apply any possible safety / security option possible. and for me as "semi-experienced noobee with prob solving skills" when getting the right info and tips / short how to... the initial idea of a dedicated forum area doesn't sound half bad.

i don't see why "server stuff is usually beyond the scope of any application forum..."!!! more so, if it involves "server stuff" directly related to the application. it would be USERFRIENDLY to find info on the application website / forum and not have to search the whole internet, would defy claims as above your post about the bad security (i do not agree with that statement) by helping less experienced users to avoid probs due to expert advice how to prevent probs.

considering the rather dismal content of the Wiki and the lack of any other decent documentation for PN (i would go as far as calling it the worst documented professional CMS) it makes a forum with as much information as humanly possibly even more important.

i am sure (even by reading related posts) that the PN community has many experts being able to provide valuable info to this much thought after security probs!

just my 2cents
tekmac

Wow. You dug out a 3 year old discussion!

1. There has been done a lot regarding security in .8 - please take a look at the security center which gives you loads of information about your server enviroment and it points out the worst settings.
2. Most other things are too complicated for newbies and often even not possible in shared hosting enviroments - which is still the suggested enviroment for new users. In these cases the only thing a user can do is to check Apache, MySQL and PHP versions and ask the provider to keep them up to date.
If you have your own server you should be able to find the required information on the internet. There's no sense in reproducing other site's content for people here in the forums who are not able to find them on their own
3. There is a pretty lenghty Wiki entry about Secruity that I am sure is still updated by larsneo.

-----
best regards from Kiel, sailing city

Steffen Voss

Member of the PostNuke Steering Committee
Follow The Zikulan at Twitter