Search found 1321 matches

by Kellanved
Sun Feb 13, 2011 8:39 pm
Forum: [3.0.x] Support Forum
Topic: Trouble deploying to Windows Azure
Replies: 4
Views: 695

Re: Trouble deploying to Windows Azure

Deploying on Windows Azure is not generally supported. The blog post shows how to do it in principle and what patches to apply, but it is intended for very advanced users and not for productive boards. I am not aware of any conflicts between the current version and the azure patch, but I haven't tes...
by Kellanved
Wed Nov 03, 2010 8:50 pm
Forum: [3.0.x] Support Forum
Topic: Attachment rejected due to "possible attack vector"
Replies: 18
Views: 1761

Re: Attachment rejected due to "possible attack vector"

So. In regards to my choices, may I please have an answer on how to disable mime-sniffing? I don't think that's such an unreasonable request. You're right it's not. ;) ACP -> General -> Board configuration -> Attachment settings -> Check attachment files: No Actually: IE->Tools->Internet Options->S...
by Kellanved
Fri Aug 20, 2010 7:04 pm
Forum: [3.0.x] MOD Writers Discussion
Topic: Post your hook/event requests at area51
Replies: 1
Views: 16664

Post your hook/event requests at area51

We are now accepting hook placement requests for phpBB 3.1 . So, head to area51 and share your ideas at http://area51.phpbb.com/phpBB/viewforum.php?f=111
by Kellanved
Fri Aug 20, 2010 2:24 pm
Forum: phpBB Discussion
Topic: Drupal Integration?
Replies: 76
Views: 25499

Re: Drupal Integration?

I respectfully disagree to some of the notions expressed here. I would call myself a seasoned drupal developer; I've rolled out major drupal-based sites, written themes and modules. And yes, drupal does a great job as a CMS and as framework. I see no reason why phpBB couldn't be bridged just like Ci...
by Kellanved
Fri Aug 06, 2010 2:49 pm
Forum: phpBB Discussion
Topic: [split] 3.0.x cross platform in theory not practice?
Replies: 7
Views: 940

Re: [split] 3.0.x cross platform in theory not practice?

The web application gallery installer uses the normal phpBB installer. Thus, I see no reason not to support installs made using it - in fact, the use of the normal installer was something we insisted on. The important part is that users keep their installs updated, and the web application installer ...
by Kellanved
Sun May 30, 2010 9:41 pm
Forum: phpBB Discussion
Topic: Can not open attached file directly with I.E. without saving
Replies: 28
Views: 3923

Re: Can not open attached file directly with I.E. without sa

A stated in the code, it's a necessary security precaution - the way internet explorer handles files would create a XSS issue otherwise. As such, it is an IE issue - partially solved in ie8, hopefully solved in ie9.
by Kellanved
Tue Apr 20, 2010 8:07 pm
Forum: [3.0.x] Support Forum
Topic: DB locking causing cpu spike
Replies: 18
Views: 1949

Re: DB locking causing cpu spike

I'd guess that you have the RSS MOD installed. It's a known offender for having extremely poorly designed queries.
by Kellanved
Sat Apr 17, 2010 11:34 pm
Forum: [3.0.x] Support Forum
Topic: Safely TRUNCATE phpbb_confirm?
Replies: 2
Views: 1064

Re: Safely TRUNCATE phpbb_confirm?

Yes, truncating the table is completely safe and even prudent in such a case. It should never grow to such size, this seems to indicate a problem with the pseudo-cron-based garbage collection. With CAPTCHA disabled, the table should not grow at all.
by Kellanved
Tue Apr 13, 2010 7:45 am
Forum: [3.0.x] Support Forum
Topic: Preventing Spam in phpBB 3.0.6 and Above [*Read First Post*]
Replies: 602
Views: 172210

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

Alternatively, could blacklisting be built into a CAPTCHA plug-in so that no user interaction is required (the "user" input would essentially be the IP address and E-mail address which phpBB already knows)? If so, maybe that would answer Martin's objections (although CAPTCHAs aren't able to be pres...
by Kellanved
Sat Apr 03, 2010 1:14 pm
Forum: [3.0.x] Support Forum
Topic: Preventing Spam in phpBB 3.0.6 and Above [*Read First Post*]
Replies: 602
Views: 172210

Re: Preventing Spam in phpBB 3.0.6 and Above [*Read First Po

OccamsToothbrush wrote:I know on a few forums I've seen mods that rely on admins entering questions unique to that site, but easy for that site's members to answer rather than captcha's. Has anyone found anything like that for phpBB 3.0.7+?
That would be the Q&A Captcha plugin, which is included since 3.0.6.
by Kellanved
Sun Mar 28, 2010 11:33 am
Forum: [3.0.x] Support Forum
Topic: How do I know if my passwords are salted?
Replies: 14
Views: 4308

Re: How do I know if my passwords are salted?

The security benefit of adding a salt in the form of $config['salt'] is negligible. That is for a simple reason: if the attacker has access to the database - the premise about the sort of attack discussed here - , s/he can just grab the salt as well. The real reason for a salt is just to hinder the ...
by Kellanved
Mon Mar 01, 2010 10:13 am
Forum: phpBB Discussion
Topic: phpBB 3 security code review report
Replies: 22
Views: 3375

Re: phpBB 3 security code review report

It was not published because the report details the methodology and other business secrets of the auditing company.
SektionEins posted about the audit at their homepage: http://www.sektioneins.com/en/company/news/index.html .
by Kellanved
Thu Feb 18, 2010 8:38 pm
Forum: [3.0.x] Support Forum
Topic: Captcha Cock Up!
Replies: 3
Views: 225

Re: Captcha Cock Up!

Well, it'S the same as with a desktop. You can't just delete the files without de-installing the application first - otherwise things start going wrong. For your problem: re-upload the plugin, then select another plugin in the ACP. Deleting the files is entirely optional, but won't cause any problem...
by Kellanved
Wed Feb 17, 2010 11:01 pm
Forum: [3.0.x] Support Forum
Topic: phpBB3 jamming our MySQL server, Pair Networks takes it down
Replies: 5
Views: 521

Re: phpBB3 jamming our MySQL server, Pair Networks takes it

Hi, the query is not part of phpBB3, it does not even adhere to the phpBB3 coding standards (!= instead of <> etc). It's also poorly designed, but that's another matter. The first step would be to remove the MOD that introduced the query. However, considering the relatively small size of your forum,...

Go to advanced search