Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
All Security Points; Keep your host and dashboard out of strange hands!
qwenty
New
Plz, Share any your experience about how your forum is in a safe mode! a bit point can be useful as I maybe don't know that.
Hint anything can make our forum secure, far from black hackers hands! See this link which is MyBB security point, I was wondering if is there any such guideline for Vanilla or something you know that maybe others doesn't know it?!
As first, I've a question: for installing, it's need to grant to the below three folders the permission of 777(rwx); what about after installation process? will it swap to 755?
(/conf/config.php is keeping database username & password)
0
Answers
Took me a minute or two to recognise the image lol
There was an error rendering this rich post.
Using different (and many) plugins, does it increase risk of being in hazardous?
And then?
Yeah! any point -> Does it mean Vanilla is completely SAFE? :-)
you might get a better answer using the null hypothesis
In statistics, the only way of supporting your hypothesis is to refute the null hypothesis. Rather than trying to prove your idea (the alternate hypothesis) right you must show that the null hypothesis is likely to be wrong – you have to ‘refute’ or ‘nullify’ the null hypothesis.
So a multivariate Analysis of Variance with a fourier transform shows it is 99% significantly safe . So not completely SAFE? :-)> .. but not incompletely unsafe. .. from
http://www.null-hypothesis.co.uk/science//item/what_is_a_null_hypothesis
I think you are asking an impossible question. its as safe as your host, as safe as your hosting provider, as safe as your operating system, as safe as your moderator,and so on...
If seen updates when people report security concerns it is fixed pretty quickly. I think 2.18.0.2 or 3 was a security update.
Haven't seen any security guidelines myself. I've seen a few sites linked put up by other users with vanilla forums here that allow viewing of the directory tree of vanilla (and probably the rest of the site) and the viewing of config.php - don't think that is a very good idea.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.