Current board version: phpbb 3.0.4
I had a post on my board a few days ago which rather startled me, and I'm wondering if I have anything to worry about, or if there is anything I can do to avoid this in the future.
The post was clearly spam, a block of text consisting of web addresses, etc.
The post was made by a user in the Administrator user group, that no longer exists, i.e. they must have deleted the account after making the post.
I have my board set to force Administrator approval of all new registrations. I did not receive notice of a new user, and as such, never approved them.
It seems that no major damage was done; I am still able to authenticate as Admin, access the ACP, and it doesn't look like anything was changed.
First, is this normal? Part of the security issue that 3.0.5 patches? Dangerous?
Second, is there anything I should be sure to check-on, that the user may have changed?
Third, is there a way to avoid this in the future, other than applying the 3.0.5 patch, etc?
Thank you, in advance.