Dolphin Still Gets Hacked

I tried to get a site running using Dolphin about a year ago. Ended up stopping due to some hacking and security issues. Figured I'd give it a go and try again.

Went to http://www.demozzz.com/orca/demo/ only to see a bunch of scripts saying the site is "owned by King-T"

I'm taking it then that Dolphin still has major security issues?

Cheers

MD

Quote · 11 Feb 2009

That's kinda funny.  Orca really is a poor excuse for a forum implementation.  I really wish Boonex would just ditch it and integrate a real forum script.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 11 Feb 2009

If you remove this from dolphin 6.1.4:

RAY - MUSIC AND VIDEO

PHOTOS - PHOTOS UPLOADING (ONLY ALLOW USERS TO UPLOAD PROFILE PHOTOS)

IM MESSENGER

ORCA (THIS IS THE BIGGER HOLE)

ADVICE:

Change the name of your ADMIN folder.

your site will be 70% secure from hackers.

the other 30% is missing.

Quote · 12 Feb 2009

In my opinion, asking if Dolphin, Orca (or any of Boonex's products for that matter), has major security holes is like asking if pepperoni is excellent to put on pizza lol. My question would be to start asking, let me rephrase that, I wouldn't ask, I'd start DEMANDING, that Boonex start cleaning up the act and get air-tight about security and serious about their product BEFORE doing any sort of purchasing! Why pay them to keep providing a vulnerable and unstable product time and time again??

If you're gonna stand by your product and ask people to support it with purchases, then you better be on the ball when it comes to ensuring your users are protected, the software is stable and the exploits that are the same in each and every version (which baffles my mind) are gone.

If I was a paying customer, I'd start demanding refunds until I actually got my money's worth and I could rely on my site being there the hour after installation. Just another point, if people are being hacked within HOURS of installations and don't have any traffic, that would tell me the hackers have inside notifications on fresh installations. Which would mean they've either compromised the software itself or the plugins that are installed into it. Just makes sense. What are the odds that as soon as you get a new install of Dolphin for example, on a site that is brand new, that has not been indexed, has absolutely no inbound traffic except for yourself checking the site out, is absolutely unknown to the rest of the world and suddenly a "hacker" being bored, just happens to "guess" your unknown domain with the NEW installation of Dolphin and just happens to exploit and take over your site that very same hour or day??

I'd say the odds of that happening are a lot higher than you winning the million dollar lottery lol. It just doesn't happen like that lol.

I understand that you cannot control 100% of anything, BUT, the hackers are using pretty much the same techniques and methods to get in. Seriously, have you seen Facebook, YouTube and MySpace brought down recently over and over and over and over? Not to mention having their own demo page hacked while still trying to convince the users that "it's you and not the software"?? Short answer...No!

Regardless if the hosting is on a shared box or not, the software should be designed to accommodate ALL hosting environments and should be able to be run securely without a sense of "Oh no! If I install and use Boonex, I'm gonna get hacked!" fear!

Forum software builders plan ahead and secure their software for 99% of installation environments and it works exceedingly well. Bout the only time you get hacked is when you forget to upgrade and / or set wrong permissions. And if the software itself is hacked due to poor code construct, they IMMEDIATELY patch it and release a new stable and secure version without making excuses to cover up laziness.

Not to continue on the rant, but why is it whenever anyone here asks Boonex to explain why there isn't a stable, secure version you pretty much get hostile replies (from the staff and developers themselves. It's like they take offense to the FACT their software is extremely dangerous to use on a live server) and you're told, "you must be on a shared host..." or "During install, you didn't set permissions" and my personal favorite, "It's your fault simply because it is." In not so many words lol.

I'm sorry, but I absolutely refuse to use any software where the developers just don't care enough about their users to make sure they are safe and secure when using their products. And I certainly wouldn't be paying them to get me hacked!

Quote · 29 Apr 2009

In my opinion, asking if Dolphin, Orca (or any of Boonex's products for that matter), has major security holes is like asking if pepperoni is excellent to put on pizza lol. My question would be to start asking, let me rephrase that, I wouldn't ask, I'd start DEMANDING, that Boonex start cleaning up the act and get air-tight about security and serious about their product BEFORE doing any sort of purchasing! Why pay them to keep providing a vulnerable and unstable product time and time again??

If you're gonna stand by your product and ask people to support it with purchases, then you better be on the ball when it comes to ensuring your users are protected, the software is stable and the exploits that are the same in each and every version (which baffles my mind). If I was a paying customer, I'd start demanding refunds until I actually got my money's worth and I could rely on my site being there the hour after installation. Just another point, if people are being hacked within HOURS of installations that are NOT live and don't have any traffic, that would tell me the hackers have inside notifications on fresh installations. Which would mean they've either compromised the software itself or the plugins that are installed into it. Just makes sense. What are the odds that as soon as you get a new install of Dolphin on a site that is brand new, that has not been indexed, has absolutely no inbound traffic except for yourself checking the site out, is absolutely unknown to the rest of the world and suddenly a "hacker" being bored, just happens to "guess" your unknown domain with the NEW installation of Dolphin and just happens to exploit and take over your site that very same hour or day??

I'd say the odds of that happening are a lot higher than you winning the million dollar lottery lol. It just doesn't happen like that lol.

I understand that you cannot control 100% of anything, BUT, the hackers are using pretty much the same techniques and methods to get in. Seriously, have you seen Facebook, YouTube and MySpace brought down recently over and over and over and over? Not to mention having their own demo page hacked while still trying to convince the users that "it's you and not the software"?? Short answer...No!

Regardless if the hosting is on a shared box or not, the software should be designed to accommodate ALL hosting environments and should be able to be run securely without a sense of "Oh no! If I install and use Boonex, I'm gonna get hacked!" fear!

Forum software builders plan ahead and secure their software for 99% of installation environments and it works exceedingly well. Bout the only time you get hacked is when you forget to upgrade and / or set wrong permissions. And if the software itself is hacked due to poor code construct, they IMMEDIATELY patch it and release a new stable and secure version without making excuses to cover up laziness.

Not to continue on the rant, but why is it whenever anyone here asks Boonex to explain why there isn't a stable, secure version you pretty much get hostile replies (from the staff and developers themselves. It's like they take offense to the FACT their software is extremely dangerous to use on a live server) and you're told, "you must be on a shared host..." or "During install, you didn't set permissions" and my personal favorite, "It's your fault simply because it is." In not so many words lol.

I'm sorry, but I absolutely refuse to use any software where the developers just don't care enough about their users to make sure they are safe and secure when using their products. And I certainly wouldn't be paying them to get me hacked LOL!

Let me get this straight..... you think pepperoni is excellent on pizza???

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Apr 2009

lol..Too funny! I'm a Hawaiian delight kinda guy lol.

Quote · 29 Apr 2009

Let me get this straight..... you think pepperoni is excellent on pizza???

A pizza is not a pizza without it.

https://www.deanbassett.com
Quote · 29 Apr 2009

My pizza has got to be BBQ bacon cheddar cheese burger.. mmmm hmmmm. I like this, we should have more pizza related posts!

Quote · 29 Apr 2009

Quote "Rename your admin folder" from Richardtov...

Did you have to go through all the PHP files and replace the "admin" directory with the new name? Just renaming the folder will cause errors, I just tried it..

Quote · 29 Apr 2009

lol..Too funny! I'm a Hawaiian delight kinda guy lol.

Hawaiian pizza??   Don't make me hurt you.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Apr 2009

My pizza has got to be BBQ bacon cheddar cheese burger.. mmmm hmmmm. I like this, we should have more pizza related posts!

Hmmmmm....... sounds like something that should come with a discount coupon for angioplasty.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Apr 2009

lol..Too funny! I'm a Hawaiian delight kinda guy lol.

Hawaiian pizza??   Don't make me hurt you.

Hawaiian pizza.. :)

Ok back to business.. I hope the new Dolphin will fix all the security issues (or at least the vast majority of them)..

It's kinda sad that such a great script is so vulnerable.. Boonex please make a move..

Quote · 29 Apr 2009

My pizza has got to be BBQ bacon cheddar cheese burger.. mmmm hmmmm. I like this, we should have more pizza related posts!

Actually bacon, cheddar and hamburger is pretty good. Don't know about the BBQ though.

https://www.deanbassett.com
Quote · 29 Apr 2009

lol..Too funny! I'm a Hawaiian delight kinda guy lol.

Hawaiian pizza??   Don't make me hurt you.

That's right. Nothing better than a nice thick slice of juicy Hawaiian pizza. Loaded with pineapple and Canadian bacon lol.

My all time favorite would be Hot Stuff from Godfathers though. Man alive that's good! Loaded with jalapenos, spicy Italian sausage, moz cheese and sauce. Mmmmm! lol.

BBQ Bacon cheeseburger huh? Sounds good. Also sounds like a heart attack waiting to happen. Weirdest pizza I've ever tried was Japanese pizza. Instead of tomato sauce, they used mayo and put fried beef, some kind of noodles, mushrooms and peppers on it. Not bad, just funky.

Quote · 30 Apr 2009

lol..Too funny! I'm a Hawaiian delight kinda guy lol.

Hawaiian pizza??   Don't make me hurt you.

That's right. Nothing better than a nice thick slice of juicy Hawaiian pizza. Loaded with pineapple and Canadian bacon lol.

My all time favorite would be Hot Stuff from Godfathers though. Man alive that's good! Loaded with jalapenos, spicy Italian sausage, moz cheese and sauce. Mmmmm! lol.

BBQ Bacon cheeseburger huh? Sounds good. Also sounds like a heart attack waiting to happen. Weirdest pizza I've ever tried was Japanese pizza. Instead of tomato sauce, they used mayo and put fried beef, some kind of noodles, mushrooms and peppers on it. Not bad, just funky.

I didn't even know Godfathers was still in business! I haven't seen one in years!

Quote · 30 Apr 2009

O yeah..Back home we have 2 in the city I lived in and quite a few over the state. I LOVE their pizza crust. I wish I could find a way of getting ahold of their recipe.

I might have to go 007 on them and get hired just to obtain trade secrets lol.

I actually sent them a letter once asking if they'd be willing to explain how they made their dough and the only reply I got was some coupons and a thank you card lmao.

Quote · 30 Apr 2009
 
 