Driven5 wrote:
Can't say I'm the biggest fan of the new look...But keeping the site secure is more important than some things I can probably get used to with a bit of time.
It had to be done. PHPBB2 got hacked hard. Just try and access their main site.
http://phpbb.com the failure is explained on area 51 as follows:
Quote:
Downtime and Server Compromise
by Marshalrusty » Mon Feb 02, 2009 12:04 am
As you may already be aware from the message on phpBB.com or the topic in the #phpBB channel on Freenode, we have recently been attacked via a vulnerability in an outdated PHPList installation. The initial attack was performed well before a new version of the software was released or a patch provided. It is important to stress that no vulnerabilities have been found in the phpBB software itself.
We took area51.phpBB.com down along with phpBB.com to ensure integrity and prevent further damage. While we actively work to bring phpBB.com back online, we would also like to inform you of the damage that has been done.
The attacker gained entry through the PHPList application and was able to dump a complete backup of the emails on file. He then used the same exploit to access the phpBB.com database. Both the email list from PHPlist and a copy of the phpBB.com users table were then posted publicly.
Since I used the same username and password with my phpbb account I thought it was wise that I immediately change my password and update to the newer software package for everyone's sake. Yes it sucks, but I hope we can adapt and overcome in time.