Usergroup: Administrator
Joined: Dec 21, 2001
Location: Northern California
Total Topics: 49
Total Posts: 5539
Posted 04/01/08 - 11:35 AM:
#2
I emailed you and everyone else in early 2006 informing you that it was absolutely critical to upgrade to 3.3.21+ or you would be hacked. You refused to upgrade, so of course you got hacked. Probably many times, only noticed now.
I know you don't care much about your site, since you didn't think it worth putting a few hours a year into it, but on a shared web host you have a responsibility to the others hosted on the same server -- who will have their email blocked because of spam from your hacker, for example.
Usergroup: Customer
Joined: Feb 19, 2003
Total Topics: 18
Total Posts: 90
Posted 04/10/08 - 10:06 AM:
#3
Nice to hear from you Paul.
I actually do care about my site I have designed my templates to what i wanted them to be and new features became far more advanced then what I needed, I was happy with my directory until this incident.
I did miss the warning email, and do not think that passing judgment is the right reaction.
Is there any way I can correct the security hole without upgrading?
Usergroup: Administrator
Joined: Dec 21, 2001
Location: Northern California
Total Topics: 49
Total Posts: 5539
Posted 04/13/08 - 01:35 AM:
#4
No. I don't even keep copies that old.
Just as you need to know traffic rules to drive, you need to know decent security practices to use software. The most fundamental security practice which applies to all software is that you keep it reasonably up to date.
Template updates are fairly simple since 4.1.0, but nothing can change the past.
Print
security issue
