By now, you’re familiar
with the Heartbleed
vulnerability that’s
all over the news.
It’s just another
reminder about the
importance of securing
your server and forum.
I made a plugin here
to tell you if your
server is vulnerable.
You may remember the
recent hole in vBulletin
that affected 3.x all
the way to 5.x…
You may also remember
the one a few months
ago with vBSEO, where
~ 150,000 forums were
hacked.
Lots of forum admins think
“it can never happen to me”
They are “invincible”, with-
out saying it.
Remember when you were a
kid? Innocently, the thinking
is very similar for many
admins today.
There IS one important
difference, though.
You don’t have to find
trouble. Trouble will
find you the moment you
enter Google’s index.
Hackers scrape search
results to locate
vBulletin installs, and
when the opportunity
presents itself…
…they hack your board.
What’s worse is that MOST
of the time, hackers WILL
NOT…. ***drumroll***
…tell you that they
just hacked you.
In many cases, they can
hide this from you very
skillfully.
When they do get caught
it’s usually by mistake.
After all, your forum is
an easy source of fresh
email addresses & passwords.
These email addresses and
passwords can reveal valuable
information like credit card
numbers, addresses, bank
information, etc.
You’re doing the hard work
for the hacker by gathering
fresh emails and passwords
everyday.
Why would the hacker kill the
golden goose by letting you
know they’ve hijacked your
board?
Oh, YES, I said passwords.
vB’s salt and encryption
mean NOTHING if your
user database is stolen.
Most people use simple
passwords, and this makes
it very easy to decrypt
passwords in 2014.
That’s not all.
What if you were a member
of a forum and all suddenly
someone hijacks your email
account?
How would you feel not
knowing how or why it
happened and not knowing
what the hacker took?
That would surely ruin
your day.
What would be worse is if
you found out which forum was
hacked and knew the admin was
negligent.
Heck, you might not even care
if the admin was negligent.
You lost something, you’re
pissed and it’s not your fault.
It has to be the admin’s, right?
If the losses you incurred were
severe, who knows what action you
and others might take against the
admin of the site.
Think about how Target was sued
because of their data breach.
That’s not something you want to
go through as an admin, or a member.
Some forums out there do the right
thing, and take proactive steps to
make sure this doesn’t happen to
their community.
For example, some admins always keep
their forum software up-to-date.
A smaller number keeps the number of
plugins installed to a minimum.
But, sometimes, that’s just not enough.
There are too many variables to
consider.
I’m extending to you a Free security
audit. There is no commitment on your
part and there is zero risk to you.
Simply email response@vbresults.com
and I’ll arrange a date and time to
perform your audit.
Be mindful of our hours of operation
on the homepage. 