what are you actually looking for? most of the information is already out there but i do agree, only problem is the real security problems should be sent to a dev first and all the other info normally isn't a real security problem.
Its not a good thing to have a security forum in the open if there are exploits there.
e107 should have a place where: 1. All user can add security issues and view their own contributions 2. a group of selected VIP/Known persons/Support/Admins/Other people with long experience with e107 have access to see and discuss the issues.
But this a side, I don't think there is a real need for this.
What I see now is a lot of separate posts related to hacks, and some "Stickys" on what to do. I think if there was a separate security forum here, or a link to e107security.com, all that info would be in one place, and easier to find.
Things like sites hacked, How to recover, how to protect against it. Questions about how to, fix, recover, etc.....
I think the core should focus on the CORE, not the core and security of the core. Same with the plugins section, or e107 general discussions.
I also agree when an hole or exploit is discovered, it shouldn't be posted in here, but sent to the right email address 1st, so that they might have a little lead time in finding a solution before it runs rampant, then THEY email everyone that there's a solution, THEN we talk about it in the forums.
It's still just a little disorganized, with thread like "ZB Block", Hardening" "FLOOD Attacks" all in the core. THEN, " Access Denied", "Sanitised", etc under Installation. THEN, "ZB Block install", etc under third party, And there's more spread throughout the forums. All have security in common. The CORE should be the CORE forum.
That's all I meant. I think the sooner it's sectionalized, or doen via e107security, the better the communication will be, and the easier it will be to find the solutions (again, as in my case with my porous mind).
Yeah, even just a separate forum section to start.
It would(will) be nice if(when) they reorganize the joint. Like I said in other posts, it's like you step into the CEO's office (CORE), and there's not real front desk (Welcome/Help) to be seen. That's fine for people who have struggled through and got comfortable over the last 5 or so years, but for noob's it's wicked confusing.
Just a little organization of forums, and a REAL index page, with links to all things e107 would be a huge leap ahead.
Pointers in order of how they might be used.
Language/Country based sites Reviews Installs and upgrades Plugins Core Training Support Lounge
It needs to be looked at from a newcomers point of view, so they can get up-to-speed fast, and start contributing.
I think with the heavy front-end of the forums, the core is the dumping ground for all posts, when it should be one of the last stops, for people who have been through the reviews, language selection, an install, the help, etc.
BUt, I've been saying it, others have been saying it, and nothing. Something that might take 2 hours to reorganize, even if more than enough are made, it's easy to consolidate. Better than having to go through and seperate.
It's aggravating as hell to know that e107 is powerful and capable enough to easily configure and do this, but it hasn't been done yet.
Just do it!!!
Gimme da damn keys, and I will do it!!! Maybe they want me to actually set it up on a TEST SITE so they can see it, cause it can't be imagined. I dunno. *shrugs*
Just my .5 cents worth (damn taxes, exchange rates and transaction fees)
To me, you're saying, Microsoft should supply protection for just microsoft products, Adobe, adobe products. etc. and none interact with the other, so each one should redundantly deal with the same issues. There should be no one program (place) to handle all the same, or similar issues.
If an attack affects the core, through and input, that same attack could come in through a plugin, or third party code, a hack, anyway. What if we don't know at first, then we have wasted/useless posts in some forums, related but newer in others, or the mods have to move them like musical chairs. If something is definitely wrong with the core, it will be talked about in that forum. Or the errors with a plugin, it's discussed there, but the security aspect of the problems, I think should be in one place. Easier for ALL to find, and determing similarities with others that may appear, on have already existed.
Plus, there will be security experts, and core experts, and plugin experts, and third party coders. Each should have thier own sections, and hopefully more sections will come about for people such as training experts, languages, documentation, etc. Organizing is the key to getting new people onboard and up to speed so they can begin to contribute. In this case, organizing security in one area will make it easier to find and implement the solutions, rather than people having to go through each forum, when they have no clue whether the cause is the core, or plugin, or thrird party code. I think the people that have been here can find a way to adjust to something called organization, but it would really benefit the newer people, who haven't worked this maze for the last 5 years.
I think orgainizing security is one thing that shouldn't be redundant, and it should be kept in a focused and organized area, but that's just my opinion.
All product names mentioned herein are the trademarks of their respective owners. In addition, images, logos, pictures or other material may be trademarks or registered trademarks of their respective owners. Emote images by seb, released under the GPL license. With the kind support of Corllete Lab Studio. Forum Icons by Axialis Team.