e107help.org Q&A
0 like 0 dislike
Last night my forum was hacked with a lot of porn entries. There is no user account, so the hacker has found a way to add elements to the database without making a logon. That sounds like a security breach. I'm running the latest release, does anybody have experienced the same, is there something I can do except closing the forum?
e107 version latest from git.
closed
in Plugins by (263 points) 8 16 29
closed by

1 Answer

0 like 0 dislike
Best answer
Sorry, my bad. One of the moderators had made a few forums and forgot to set the rights well. By default the forums are open to anyone, so no account was needed to post. Corrected that, and I expect no issues any more.

(Isn't it a good idea to set the security by default to members or admin instead of anybody?)
by (263 points) 8 16 29
If you use google, you will find the most hatefull article against e107 is exactly because this. Nothing was changed during long time.
Welcome to e107 Q&A, where you can ask questions and receive answers from other members of the e107 community.
934 questions
1,336 answers
2,344 comments
2,309 users