Recent content by sheel

@mauzao9 @jacko @ozzy47 Sorry for the late reply - I gladly provide a public XF2 version, after some testing with the newest XF2 version. I should have some time on weekend to tes, provide a bit documentation etc.

@adwade Hi actually, it was not. Stuff happened... and I got a bit out of touch here recently. However, I have both XF1 and XF2 versions, and probably on Weekend I have some time to test with the newest XF2 version and upload them here then. Sorry for the late reply, hope this will be helpful.

No, I don't think they come to the Phillippines. It's not necessary - installing the software etc., if you buy that service, can be done from anywhere over the internet.

Not just for non-EU-companies - the DSGVO (which gets into force in May, and is one of the cases that is valid directly without a need for each member country to implement it in their own local laws) is about privacy, data protection and some related areas, and concerns for every company (inside...

Yay, a Tapatalk thread yet again. Not related to code quality, and it's too complicated to generalize, but: To all EU citizens here (and other companies doing business there too), are you aware that using Tapatalk can very well be illegal? For some reasons now already, and with the new DSGVO...

That's not a protection PHP made ... and, independent of that, even without privilege escalation, having an attacker with local shell access for some valid user is bad enough. One doesn't need to be root to do harmful things, especially to the clients of the webserver. Other than direct shell...

Well, if you can tell an feasible way how to limit it to XFMG, especially only to the original XFMG without changes some attacker made with help of some PHP bug... Allowing exec destroys every kind of sandbox available to PHP installs, be it simple user separation or full virtualization plus...

Please don't. The problem is not if the intended usage is safe and responsible, the problem is that quite some of the not-that-big security holes that are found every week in Apache and PHP become fatal with a bad configuration. The unfiltered ability to execute shell commands for any PHP...

Seriously?? Someone starts a new thing in Oct 2017 that requires Flashplayer (or rather, a hacked computer)? :cry: ... Are you aware that pretty much the whole world, including all notable browser vendors, is trying to get rid of it? That they are making it harder and harder to use it? That...

What exactly doesn't show up? The link to mark threads as solved? If addon settings (prefix ID) and permissions are set, could it be that you've limited the prefix itself to specific subforums etc. (in the prefix settings of Xenforo, in the link I posted above)?

Thanks :) When you open /admin.php?thread-prefixes/ and click on a prefix there, the ID is part of the url, eg. in the url /admin.php?thread-prefixes/something.1/edit it is 1. Thinking about it, a list to choose, instead of the ID number field, would be nice :D At least for the 2.x version...

But that's exactly what you're doing...?

I'm not sure what to answer here ... it would help if you tell us something you couldn't understand.

What's there to elaborate? A connection where both password and file content are not encrypted and authenticated just screams "please read the password and change the uploaded files" (and with full control over all website files, there are many things an attacker can do). In times not just the...

Btw., if you have Cpanel, you should have enough possibilites to ditch insecure FTP and switch to SFTP. With FTP, you're an easy target for being hacked.