CyberSpy5????

Web Wiz Forums is one of the most secure forum systems you can get, with security sites monitored all the time for any vulnerabilities not already bought to my attention and any that are found patched and a new release within 12 hours.

Make sure that you are running the latest version (8.03 at the present time) and if you are using the Access version that you have secured your Access database and all admin/moderator passwords are strong alpha/numeric.

Uploading should be fine, but for extra security I would recommend that you remove write and modify permissions from all other folders on your site except the upload folder and the Access database folder. Also ensure that you only allow 'safe' file types to be uploaded.


Edited by -boRg- - 17 August 2006 at 8:55am

If you are using 8.03 SQL Server version then they won't have got in through Web Wiz Forums they would have got into the server some other way, unless you have allowed the uploading of ASP files.

You would need to look at your server log files to workout how they got the cyberlink5 file on the server and thats if it wasn't placed in their months ago.

However, if you want to make sure your site and server are safe you shouldn't allow file uploads for users, and if you do you should make sure all other folders and files on your web site have read only permissions.