Home
> Ask A Question
> Topic
unpanyWoomy INSANITY brisenserioff
Posted by bispFoetweips
|
bispFoetweips
unpanyWoomy INSANITY brisenserioffMarch 23, 2012 08:57PM |
wewcoidsSwels P90X steeksbek
accogeGap P90X2 Serefientee
Immadrami INSANITY Aidetrete
UndotaCreanna TURBOFIRE diesinkkila
accogeGap P90X2 Serefientee
Immadrami INSANITY Aidetrete
UndotaCreanna TURBOFIRE diesinkkila
|
Re: unpanyWoomy INSANITY brisenserioff March 23, 2012 09:21PM |
Registered: 8 years ago Posts: 785 |
bispFoetweips Wrote:
-------------------------------------------------------
> wewcoidsSwels P90X steeksbek
> accogeGap P90X2 Serefientee
> Immadrami INSANITY Aidetrete
> UndotaCreanna TURBOFIRE diesinkkila
Can we stop this sort of rubbish? Please.
-------------------------------------------------------
> wewcoidsSwels P90X steeksbek
> accogeGap P90X2 Serefientee
> Immadrami INSANITY Aidetrete
> UndotaCreanna TURBOFIRE diesinkkila
Can we stop this sort of rubbish? Please.
|
Re: unpanyWoomy INSANITY brisenserioff March 25, 2012 01:08AM |
Registered: 7 years ago Posts: 34 |
Forum posting should be limited to users that have made a deposit. For the extreme minority of cases where a potential depositor needs to ask a question they should be directed to the contact us page.
Having said that, I've only seen a few spam posts so perhaps the cost outweighs the benefit.
An alternative would be to make a few trustworthy members forum administrators (a common solution among online communities). This could save a small amount of administrator time - which appears to be stretched especially thinly at the moment.
Having said that, I've only seen a few spam posts so perhaps the cost outweighs the benefit.
An alternative would be to make a few trustworthy members forum administrators (a common solution among online communities). This could save a small amount of administrator time - which appears to be stretched especially thinly at the moment.
|
Re: unpanyWoomy INSANITY brisenserioff March 25, 2012 04:19AM |
Registered: 8 years ago Posts: 785 |
ImNotPsychic Wrote:
-------------------------------------------------------
> Forum posting should be limited to users that have
> made a deposit. For the extreme minority of cases
> where a potential depositor needs to ask a
> question they should be directed to the contact us
> page.
> Having said that, I've only seen a few spam posts
> so perhaps the cost outweighs the benefit.
>
> An alternative would be to make a few trustworthy
> members forum administrators (a common solution
> among online communities). This could save a small
> amount of administrator time - which appears to be
> stretched especially thinly at the moment.
The problem is, it appears that the OP is not a member. So, if not a member how are they able to post and is there a way to stop occurring?
-------------------------------------------------------
> Forum posting should be limited to users that have
> made a deposit. For the extreme minority of cases
> where a potential depositor needs to ask a
> question they should be directed to the contact us
> page.
> Having said that, I've only seen a few spam posts
> so perhaps the cost outweighs the benefit.
>
> An alternative would be to make a few trustworthy
> members forum administrators (a common solution
> among online communities). This could save a small
> amount of administrator time - which appears to be
> stretched especially thinly at the moment.
The problem is, it appears that the OP is not a member. So, if not a member how are they able to post and is there a way to stop occurring?
|
Test
Re: unpanyWoomy INSANITY brisenserioffMarch 25, 2012 08:42AM |
I see your point
|
Re: unpanyWoomy INSANITY brisenserioff March 25, 2012 09:35PM |
Registered: 8 years ago Posts: 785 |
Test Wrote:
-------------------------------------------------------
> I see your point
Thanks Test but the concern I have is, if the forum is on a secure server (https) then is there a similar vulnerability on the trading server?
-------------------------------------------------------
> I see your point
Thanks Test but the concern I have is, if the forum is on a secure server (https) then is there a similar vulnerability on the trading server?
|
Re: unpanyWoomy INSANITY brisenserioff March 25, 2012 10:25PM |
Registered: 6 years ago Posts: 287 |
ORACLE Wrote:
-------------------------------------------------------
> Test Wrote:
> --------------------------------------------------
> -----
> > I see your point
>
>
> Thanks Test but the concern I have is, if the
> forum is on a secure server (https) then is there
> a similar vulnerability on the trading server?
SSL (HTTPS) has little to do with app security. This is a common misconception.
All SSL does is prevent snooping on the connection between you and the server (so, for example, no one can steal your password or credit card number when you submit a form). It is about privacy, not security.
If someone has found a bug in Phorum that allows posting without an account, that would exist with or without SSL. The bug also likely has nothing to do with the trading application. I don't think you should be worried - except that it might be evidence sysadmins aren't keeping software patched and up-to-date.
-------------------------------------------------------
> Test Wrote:
> --------------------------------------------------
> -----
> > I see your point
>
>
> Thanks Test but the concern I have is, if the
> forum is on a secure server (https) then is there
> a similar vulnerability on the trading server?
SSL (HTTPS) has little to do with app security. This is a common misconception.
All SSL does is prevent snooping on the connection between you and the server (so, for example, no one can steal your password or credit card number when you submit a form). It is about privacy, not security.
If someone has found a bug in Phorum that allows posting without an account, that would exist with or without SSL. The bug also likely has nothing to do with the trading application. I don't think you should be worried - except that it might be evidence sysadmins aren't keeping software patched and up-to-date.
|
Re: unpanyWoomy INSANITY brisenserioff March 25, 2012 11:13PM |
Registered: 8 years ago Posts: 785 |
Thanks eeyore, I really appreciate your help, as I think the best security is understanding a bit about what we use. 
|
Re: unpanyWoomy INSANITY brisenserioff March 26, 2012 12:21AM |
Registered: 7 years ago Posts: 34 |
From the Phorum homepage: "...allow a webmaster to create modules for using external authentication"
By the looks of it, they haven't integrated the Membership provider for iPredict (the thing that handles logging in and out etc.) with Phorum.
So it's not a bug as such, it's probably just been left out to save resources.
By the looks of it, they haven't integrated the Membership provider for iPredict (the thing that handles logging in and out etc.) with Phorum.
So it's not a bug as such, it's probably just been left out to save resources.
Sorry, only registered users may post in this forum.
Click here to login
This forum is powered by Phorum.