UseBB Community

UseBB support, discussion and development

• UseBB Community » 1.0 Discussion » rProtect

rProtect

Page: 1

Author	Post
Dietrich	Quote #1 Sun Mar 19, 2006 9:42 pm
Developer Registered: Apr 2004 Posts: 2230 Location: Belgium	As a result of recent attacks on the registration system, it has come to my mind that the security on this part could be much better. Therefore, I introduce rProtect, a system/project that should make UseBB more secure, similar to YaBB's Guardian. Especially on the registration and anonymous posting part, this implicits: - save the IP address upon registering (using a central logging functionality); - reject more than one registration attempt from the same IP in x minutes/hours; - blacklisted open proxies should be banned by default; - captcha (visual confirmation) enabled for registering and anonymous posting. All these should at least be available in the first public version of UseBB 2. Additionally, some of these features could become available for UseBB 1.0 or a later 1.x version (thus we might make an exception on the roadmap). As security is important, these features have a higher priority than others. Note: we are not saying UseBB is insecure in general, but it is, just as other forum softwares, vulnerable to abuse (without any hacking or cracking involved). That's what we want to prevent with this project. Any comments, suggestions, additions, etc are welcome. « Last edit by Dietrich on Sat Apr 15, 2006 5:03 pm. »
Dietrich	Quote #2 Sat Apr 15, 2006 5:09 pm
Developer Registered: Apr 2004 Posts: 2230 Location: Belgium	The following security features have been implemented into 1.0 RC1: - DNSBL powered banning (nix only); - Registration logging (logs username, email address, IP address, hostname, browser, session start and number of pages); - Never activated members can be hidden from the member list and statistics; - Email address validation by looking for DNS MX records on the domain name (nix only); All these features can be disabled seperately.
Quix0r	Quote #3 Sun Sep 17, 2006 8:57 pm
Member Registered: Jun 2005 Posts: 29 Location: Krefeld	Have you checked your weblog? I have linked my idea there. Please feel free to implement my mod_rewrite-based protection system. If you haven't read it yet, you can also check-out my: My Weblog. Search for the "Comments Post Rewriter Plugin". :-)
Dietrich	Quote #4 Sun Oct 22, 2006 11:11 am
Developer Registered: Apr 2004 Posts: 2230 Location: Belgium	Sorry for the late update, an answer was given on my blog. I suppose you have noticed it already.
Yj98	Quote #5 Sun Oct 22, 2006 11:25 am
Member Registered: Jul 2006 Posts: 41 Location: China	I cannot open ur blog . Its so slowly . _______________ Excuse my English, Improving... My Website
jasidog	Quote #6 Fri Apr 06, 2007 11:55 pm
Member Registered: Apr 2005 Posts: 22	Since Askimet has an API available what do you think about that being integrated to usebb Dietrich? _______________ http://boxers.jasidog.com/talk/
Dietrich	Quote #7 Sat Apr 07, 2007 10:53 am
Developer Registered: Apr 2004 Posts: 2230 Location: Belgium	Akismet is on the TODO list for 2.0.0.
jasidog	Quote #8 Sat Apr 07, 2007 5:37 pm
Member Registered: Apr 2005 Posts: 22	Cool, I guess i should have looked, sorry _______________ http://boxers.jasidog.com/talk/
Dietrich	Quote #9 Sat Apr 07, 2007 7:33 pm
Developer Registered: Apr 2004 Posts: 2230 Location: Belgium	More updated information on rProtect can be found in the introduction PDF document on the development mailing list.

Page: 1

• UseBB Community » 1.0 Discussion » rProtect

RSS Feed · Contact Admin

UseBB Community is powered by UseBB 1 Forum Software