Just for Giggles

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Get Involved
Post Reply
User avatar
bubbathegimp
Registered User
Posts: 81
Joined: Tue Sep 25, 2018 8:02 pm
Location: Bronston
Name: Robert Anderson
Contact:

Just for Giggles

Post by bubbathegimp »

Has anybody tried scanning their board with OWASP Zed Attack Proxy ?
What were your results/fixes?
Old enough to remember when Water was free, and you had to pay for Porn :o

User avatar
John connor
Registered User
Posts: 2408
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Just for Giggles

Post by John connor »

Yes, immediate 403. Try it on my site once. :lol:

User avatar
bubbathegimp
Registered User
Posts: 81
Joined: Tue Sep 25, 2018 8:02 pm
Location: Bronston
Name: Robert Anderson
Contact:

Re: Just for Giggles

Post by bubbathegimp »

cool. :D
anything special in the settings I should be aware of of?
.htaccess? web.config?....
I get several notices on mine that I haven't been able to figure out...
Old enough to remember when Water was free, and you had to pay for Porn :o

User avatar
John connor
Registered User
Posts: 2408
Joined: Fri Nov 14, 2014 5:14 pm
Location: U S Of A
Name: Aaron
Contact:

Re: Just for Giggles

Post by John connor »

I'm a noob when it comes to OWASP and I don't know PHP, yet I have a phpBB-driven forum, go figure. :lol: If you find a vulnerability you are advised to report it in a PM to an Admin/Mod. But I think by in large it's server/hosting related. For me I use layers. The chief layer is CloudFlare and that's probably why one would get an immediate 403.

Read my Sig...

73s and my 10-20 is via RLG, fly heading 053, intercept 315 DVV and look for the orange glow of a SAM. :lol:

I'm also into radio communications and aviation, etc. Read my Bio. :D :ugeek:

Paul
Infrastructure Team Leader
Infrastructure Team Leader
Posts: 25653
Joined: Sat Dec 04, 2004 3:44 pm
Location: The netherlands.
Name: Paul Sohier
Contact:

Re: Just for Giggles

Post by Paul »

John connor wrote:
Sat Jan 04, 2020 8:16 am
If you find a vulnerability you are advised to report it in a PM to an Admin/Mod.
no, please report security issues to the security tracker at https://tracker.phpbb.com/projects/SECURITY or via security@phpbb.com
Knock knock
Race condition
Who's there?

My BlogMy Photosmy phpBB Extensionscustom phpBB work & Development

User avatar
bubbathegimp
Registered User
Posts: 81
Joined: Tue Sep 25, 2018 8:02 pm
Location: Bronston
Name: Robert Anderson
Contact:

Re: Just for Giggles

Post by bubbathegimp »

John connor wrote:
Sat Jan 04, 2020 8:16 am
I'm a noob when it comes to OWASP and I don't know PHP, yet I have a phpBB-driven forum, go figure. :lol: If you find a vulnerability you are advised to report it in a PM to an Admin/Mod. But I think by in large it's server/hosting related. For me I use layers. The chief layer is CloudFlare and that's probably why one would get an immediate 403.

Read my Sig...

73s and my 10-20 is via RLG, fly heading 053, intercept 315 DVV and look for the orange glow of a SAM. :lol:

I'm also into radio communications and aviation, etc. Read my Bio. :D :ugeek:
73 OM n Gd Dx
Old enough to remember when Water was free, and you had to pay for Porn :o

Post Reply

Return to “phpBB Discussion”