Geeklog Forums

Geeklog is the most Insecure portal I’ve ever used, I’ve been hacked for the 3rd time and I’ve tried everything to eliminate hackers but I was hacked one again. I’ve decided not to use geeklog because this is the worst portal ever. Sure I’ve used phpNuke and stuff like it but I never had problems like I had with geeklog. However, i DO NOT intend to put the developers down for the work that they’ve done I respect them and the job that they tried to do. I’m just disappointed…

take care....

Your dreaming apeson, If your geeklog site is having security issues it is either that box your on or it is your setup of the system.

Geeklog was chosen by me over all the other choices out there because of its security. I just wanted to add my two cents because I beleive your wrong.

Nice way to show that

geKow

Well, without any further details, there isn't really much to say here. For example, what makes you think that it was even Geeklog that was hacked? Some add-ons or other scripts that you have on your site may have caused the problems.

And it's also possible to install Geeklog in ways where it can be hacked easily (e.g. not changing default passwords, not following the installation instructions properly, ...).

If you can provide any information to substantiate your claims, then we would like to hear about it. Please send any details you could provide to geeklog-security@lists.geeklog.net and we'll look into it (see this page for further information).

bye, Dirk

Easier: post here your URL. And maybe someone could tell you what's wrong. Of course, the risk is you'll be hacked again. But at least, you'll now the reason.

It has to be the box his system is run on. I have had people try to hack my server, but have failed... so far.
I believe Geeklog developers make security a priority. since I have started running GL, if a hole has been found, or even thought of, the developers fix it or look into it before doing anything else.

I think the developers are doing a great job

---

http://70.145.174.180/

i work as a security analist for some site, and i did find acouple of holes in gl including the current version that i my self have still to path, but i rather let gl path it.. i dont know if i should post it here.. or just email it to someone trustable enought to pass it to the right person

get ready phpnuke is worse and good luck

In case that Geeklog Security link is not prominent enough: Please post any security issues that you may have found to geeklog-security@lists.geeklog.net and we'll look into it.

bye, Dirk

it has to be his box or setup
sofar gl is the best i have used

I have to make a switch, and I'm considering GL. My phpnuke site has been hacked one time too many.

Lore dont let that fool you phpnuke is far to worse then gl, take my word for it... i work as a security analist, and i have seen over 50 users who uses phpnuke and got hacked.. and over 25 users who uses gl that got there site hacked, the limit is a big difference

If the server your GL or PHPNuke is not totally secure how can you expect any application that runs on it to be secure. No one can say any portal is better than any other for security infringements if someone is detirmined to get in they will it just up to us to make their job harder by making our server secure in the first place.

Sorry English is not my first language so hopefully my reply make sense to read.

Tess

not only the server, but the portal itself the server is the hosts job to deal with, ifi ts the server then gl or phpnuke has nothing to do with it... as long as M$ servers are always updated or linux kernel is always patched/updated then everything is fine.. now this is the part where the portal comes in.. see its two different things

sounds to me like she realizes that?

heh she said server, i didnt read any thing about portals in her post, just tring to clear that out

I was not comparing any portal against another - I was saying if you have not set up your server properly or if your server is not maintained properly any application running on it cannot be 100% secure.

There is more to a secure server than the latest updates for example do you run ftp or SSL is your sql and php set up properly and so on if these things are not running in a 100% secure mode then there are back doors for a hacker to enter.

I do run my own server not just rent space on a server and have done so for 10 years now.

I have run many portals and each has its faults and advantages our server runs 1 instance of phpnuke and a number of GL. These are all our own operated sites we do not rent space. I will not stir things by saying which is more or less secure.

Have we been hacked - yes but not through a portal but through Perl about 6 years past.

Tess

windows server? anyways.. good luck i know what you mean