Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other
Author Message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Sun Jun 10, 2007 2:39 pm Reply with quote

I can´t check every download and his function and my community grows every day. Communities are the place for so many kind of peoples and to trust everybody isn´t possible also its naive to believe there are only good guys.

Therefore I asked me:
How to make sure that submitted downloads are really clean ?
That s-kripts are really harmless.
Sure, I would always get feedback from a group of my members if they could test it before its added to the downloads. Maybe thats the only way but thats not the way I prefer when there are better methods.
Only registered members can add downloads.

Okay, that helps a bit but in reality that doesn´t prevent such things because of the anonymity of the web.
"Downloads use at your own risk !" I have this sentence already added.
Of course upload isn´t allowed.
Any other tips how to handle this problem would be interesting !
 
View user's profile Send private message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Sun Jun 10, 2007 8:41 pm Reply with quote

It sounds like you are doing everything you can.

Do you have regular members that submit downloads, or is it that many people submit downloads? If mostly regular members, just check the downloads that come from others...

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Susann
PostPosted: Mon Jun 11, 2007 4:12 am Reply with quote

Well, I found out that I need to be be extremely cautious when people register new just to submit a download or one forums post with a download link.
The last skript kiddie said, after he was convictable, I´m really sorry for that what I did, but that absolutely doesn´t help.
I have to deal with such things and there isn´t a easy solution.
 
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Mon Jun 11, 2007 5:48 am Reply with quote

Perhaps you could only allow users who have been active on your site to add downloads. For example participated in a set number of discussions.
 
View user's profile Send private message
Susann
PostPosted: Mon Jun 11, 2007 2:54 pm Reply with quote

I believe there isn´t an universal solution to this issue.Suspect downloads
should be tested by a group before the download is added to the db. That would be the best guarantee for me.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - Other

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©