I wonder then ffshrine will learn from the Security Issues back then with many Password Leaks.
Just fucking add an SSL Certification to the Page or use Cloudflare.
If they dont learn, there is no Reason to stay on an Unsecure Forum Board.

An Security Nerd

Someone who knows what to do can easily "fuck up" places with the SSL certification, too, as it has been proven in the past.

Now, if you (or any other user) are no longer satisfied with the level of security around here, you're advised to leave. Seriously, nothing/nobody is forcing you to stay on this piece of shit.
I've already said in the past that neither Jessie, or most of the other staff members have the required "privileges" to fix what's wrong with this place, there's only a single person who can attempt to do so.

Adding LetsEncrypt SSL cert (free) with auto renew script takes a few mins. Server shows apache headers, happy to help with nginx or haproxy config.

If the problem is server privileges then how about hosting or a secure mirror?

Once again, there's just one staff member who can apply such changes.

As for the rest, I can't provide a reply, I know as much as every other user.

Someone who knows what to do can easily "fuck up" places with the SSL certification, too, as it has been proven in the past.

Now, if you (or any other user) are no longer satisfied with the level of security around here, you're advised to leave. Seriously, nothing/nobody is forcing you to stay on this piece of shit.
I've already said in the past that neither Jessie, or most of the other staff members have the required "privileges" to fix what's wrong with this place, there's only a single person who can attempt to do so.

Actually no, if the Server is configured good enough with a Firewall. There is no easy Way to Fuck Up the Cerification.
I am just saying that they could Secure the User better, its just isnt Right to fuck up all User Passwords just because the Admins dont care about Security on their Plattform.

Actually no, if the Server is configured good enough with a Firewall. There is no easy Way to Fuck Up the Cerification.
I am just saying that they could Secure the User better, its just isnt Right to fuck up all User Passwords just because the Admins dont care about Security on their Plattform.
Actually yes, like I said, it happened.

It isn't right, but for what feels like the umpteenth time now: there's currently only a single person who has the privileges required to work on those things and she doesn't show up very often.
So, either bear with it, or leave.

Yeah, i gonna stay here. So things will get better on here for the Future.
Because if nobody is going to Secure it, it shouldnt be online anymore. An True Administrator should care about this.
Just saying.

Edit:
Also this Forum Board is still on Version 4.2.4 which is bad as Well.
https://en.wikipedia.org/wiki/VBulletin
Without any Update to an Newer Version this Board will destroy itself soon, which is Sad.

Actually yes, like I said, it happened.

It isn't right, but for what feels like the umpteenth time now: there's currently only a single person who has the privileges required to work on those things and she doesn't show up very often.
So, either bear with it, or leave.

If you don't mind me asking; In general, is it about cost or is it about taking time to add these additions to the website?

If you don't mind me asking; In general, is it about cost or is it about taking time to add these additions to the website?
Sorry, I'm afraid I can't answer that question, I'm not the one you should ask those things (the right person would be Sarah).
I remember how in the past, when concerns regarding the outdated version of vBulletin were raised by users, they'd get replies along the lines of: "upgrading costs money and there are other issues that need to be taken care of, first," take that as you will.

Well security issues all over with this exist. Just by visiting even my profile page my Antivirus program goes wild with blocking of browser hijacking, remote IP access requests, miner attacks, etc

Actually No, an proper Secured Webpage doesnt Coast anything.
Like i talk earlier you either can: Go to Cloudflare or Setup Lets Encrypt for the Page.
Configurate Cloudflare takes probally 30 Minutes or less. And Lets Encrpyt is configured in Minutes (2-5 Minutes).

Also these Random Database Errors would dissapear as well.
Captured some Minutes before posting this.

*Chuckles*
Go tell all this stuff to Sarah, not me.

EDIT:
And that bit in my post about the cost actually referred to vBulletin and its upgrades, but at this point I'm honestly starting to think you only read what you want to read. *Sigh*
Whatever, I'm done with this discussion; replied to the best of my abilities, given what I know+past experiences here at FFS… Continuing would be a waste of my time. One last piece of advice: if you have other concerns, try sending a private message to Sarah and hope she gets to read it soon.

EDIT:
And that bit in my post about the cost actually referred to vBulletin and its upgrades, but at this point I'm honestly starting to think you only read what you want to read. *Sigh*
Whatever, I'm done with this discussion; replied to the best of my abilities, given what I know+past experiences here at FFS… Continuing would be a waste of my time. One last piece of advice: if you have other concerns, try sending a private message to Sarah and hope she gets to read it soon.

I dont believe that, didnt FFSHRINE had its Page closed a while back to get Donations because they needed it for the Server?
They should have added this vBulletin Renewal to the To-Do List after all?
Also they should have added Security at this Point. Sorry, that excuse isnt Working.

I hate to side with LSK, but come on, you guys are beating a dead horse here. It's something only Sarah can handle; even I got that the first time.

I hate to side with LSK, but come on, you guys are beating a dead horse here. It's something only Sarah can handle; even I got that the first time.

Yes if its an Dead Horse then close The Forum, better then having many Emails + Passwords being stolen.

Yes if its an Dead Horse then close The Forum, better then having many Emails + Passwords being stolen.

If you are not satisfied with how the forum is handled....just stay away or build your own...problem solved!

If you are not satisfied with how the forum is handled....just stay away or build your own...problem solved!

Stop being so ignorant about this Serious Problem.
Also ive already build an Forum on my own.
But that doesnt even matter much, the problem needs to be solved for Everyone.

But that doesnt even matter much, the problem needs to be solved for Everyone.

SinonX3: I agree with you on this matter, and the best thing you can do, like Leon wrote earlier, is to send a PM to Sarah and let her know about this issue.

You can also write down the list of suggestions to the free security options that exists to Sarah and just wait until Sarah gets to read them. It's the only way to get your points across the board at this moment.

How do we contact Sarah to request SSL & other fixes/improvements?

SinonX3: I agree with you on this matter, and the best thing you can do, like Leon wrote earlier, is to send a PM to Sarah and let her know about this issue.

You can also write down the list of suggestions to the free security options that exists to Sarah and just wait until Sarah gets to read them. It's the only way to get your points across the board at this moment.


Already send an Private Message, nothing so far.

Already send an Private Message, nothing so far.
Sarah doesn't even come here 99% of the time


How do we contact Sarah to request SSL & other fixes/improvements?
Try twitter? idk my bff jill

The fact is, as Leon already mentioned several times Sarah the owner of this site now only comes here occassionally, so any higher admin tasks that are under her sole control that cannot be undertaken by the other admins (currently Jessie and Asamiya unless I'm missing someone)... have to wait til Sarah fixes them. Jessie and Asamiya try their hardest to keep everything working, but they can only do so much.

Really, if this site is too buggy or problems with security are too much for your liking... change your IP address and passwords and just never come back here, or stay and accept the issues and risks of using this site (and the internet in general), and stop being a backseat admin/developer.

Bump for more Posts and more Attention to this Problem.

Adding a SSL certificate wouldn't resolve any of the bugs that you've previously posted in this thread such as the "Database error" issue and password leaks. That's an issue with at least the database server itself and the software on the web-facing server, not an issue with the connection between the http web-facing server and the user.

While I do agree that this forum does need a SSL certificate, I feel that the reasons you are stating for getting one in the first place miss the point of what they are intended for.

Adding a SSL certificate wouldn't resolve any of the bugs that you've previously posted in this thread such as the "Database error" issue and password leaks. That's an issue with at least the database server itself and the software on the web-facing server, not an issue with the connection between the http web-facing server and the user.

While I do agree that this forum does need a SSL certificate, I feel that the reasons you are stating for getting one in the first place miss the point of what they are intended for.

Actually using an SSL-Certificate helps a lot because i am sure there are People DDOS ffshrine.org constantly.
I am sure thats the Case, as of my knowledge they use an pretty high-end server if i remember correctly.
So i am sure the Server can handle the Normal Flood of Users easily.
Also Using SSL helps in Securing Password Leaks. Thats Why there is Cloudflare or similar Services around.
Just my Opinion as Technician.

Whenever I used Google Chrome for accessing this site in the last few months, my anti-virus kept blocking Intrusion Attempts. But I don't seem to have any issue on Internet Explorer.

idk my bff jill

I loved this line

https://www.youtube.com/watch?v=4nIUcRJX9-o

BUMP BECAUSE IMPORTANT!

BUMP FOR IMPORTANCE!

where security?