This topic is locked
verified user
*motions towards woekle*
I heard he's in that line of "business"
Advertisement
[Bug Report] No User Agent breaks the forums
Rate Topic:
MultiQuote
former FS member
#13
FragginNewby (old) 
- Joined: 07-February 04
- Posts: 2,026
- LocationKilladelphia, PA
Posted 25 January 2006 - 11:56 PM
Most people use IE... roffles. Which leads to the point that most people have below average IQs, some significantly so.
#14 Guest_agiantblackdude
Posted 26 January 2006 - 01:05 AM
Security on this forum is non-negotiable. Ghozt is correct in his position regarding this. During my over a year as host here, we were attacked time and time again by a disgruntled former "employee" of SID.
This is like Las Vegas, bro, the information collected about you in the logs... stays there. Unless you're doing something you shouldn't, in which case it goes to the proper authorities. Maybe a simple "privacy statement" would put some people at ease, but this is a paper tiger, and I give those about as much creedence as a "check is in the mail".
It's not as if we're asking for a scan of your passport, state issued driving license or military ID. Oh, a retina scan and thumbprint, your first pets name, your moms cup size and some Slim Jims, too.
This is like Las Vegas, bro, the information collected about you in the logs... stays there. Unless you're doing something you shouldn't, in which case it goes to the proper authorities. Maybe a simple "privacy statement" would put some people at ease, but this is a paper tiger, and I give those about as much creedence as a "check is in the mail".
It's not as if we're asking for a scan of your passport, state issued driving license or military ID. Oh, a retina scan and thumbprint, your first pets name, your moms cup size and some Slim Jims, too.
Advertisement
#16
ghozt (old)
- Joined: 16-January 04
- Posts: 862
- LocationDelaware, USA
Posted 26 January 2006 - 02:25 AM
This is not a phpbb limited issue with the user agent, (by default in firefox you do not have this issue) the rules in the/MY mod_security config want to know who you are or they deny you entry. Its doing its job, ovbiously its not a bug or something that needs improving on. 
#17
mitsubishi
Posted 26 January 2006 - 02:39 AM
while the thread's idea looks security paranoid to me, it's quite easy to have a browser send whatever in that string and in effect make it a joke.
#18
ghozt (old)
- Joined: 16-January 04
- Posts: 862
- LocationDelaware, USA
Posted 26 January 2006 - 06:35 AM
No one was laughing last time the boards db was wiped clean and tagged by the hacker - NeverEverNoSanity WebWorm (which for once wasnt bas). phpbb was vulnarable through a php hole and I used a custom ruleset/config for mod_security made by other users in my data center and posted in their security section of their forums.
Besides I told this guy the reason this was happening and why it was happening. Also I told him that I would look into it, and not even a day later he's here posting about it and calling it a phpbb bug when it was fully explained what it was and what it was not to him, Even with an exert from the audit_log to show him. So why bother now, So far he's 1 in 2511 with a problem.
Besides I told this guy the reason this was happening and why it was happening. Also I told him that I would look into it, and not even a day later he's here posting about it and calling it a phpbb bug when it was fully explained what it was and what it was not to him, Even with an exert from the audit_log to show him. So why bother now, So far he's 1 in 2511 with a problem.
1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users
Advertisement