MyBB 1.8.9 fixes one low security risk

MyBB 1.8.9 is out and it does fix one low security risk.

It is possible to start a CSRF attack on MyBB 1.8.8 when removing subscriptions. 1.8.9 does fix that issue.

There have been 52 other reported issues fixed so updating your MyBB is highly recommended although it’s not that urgent.

The fixed issues include:

Continue reading MyBB 1.8.9 fixes one low security risk

MyBB 1.8.8 fixes 7 security vulnerabilities

MyBB 1.8.8 has been released. The new version does fix 7 security vulnerabilities, four of them with a medium risk potential. There have been 58 issues fixed.

You should update your MyBB as soon as possible. Don’t forget to create a backup before updating your installation. The update script is required.

The Merge System has also been updated to version 1.8.8.

MyBB 2.0 requires PHP 7 as minimum version

A lot of shared webhosts are currently migrating from PHP 5.3 and PHP 5.4 to PHP 5.5 or PHP 5.6. PHP 7 is fairly new, web software is slowly adapted to support the new standard – mostly beside supporting old standards like PHP 5.6.

The MyBB team announced that MyBB 2.0 will no longer support the PHP 5.X series. The minimum PHP version required to run MyBB 2.0 will be PHP 7.

PHP 7 is faster and more secure and brings up some nice new features, the MyBB devs want to use. But PHP 7 is not that widespread at the moment. A lot of PHP extensions like Imagick or Ioncube have not yet been stable updated to PHP 7 and a lot of webhosters have only installed the core PHP 7 version for advertisement reasons.

It’ll take some time until MyBB 2.0 will be released – we still expect some alpha, beta and rc versions before. But if MyBB 2.0 will be ready, you should have a webhost supporting PHP 7. If you are using other web software with MyBB, make sure it’ll be updated for PHP 7 too.

MyBB 1.8.7 brings security and maintenance updates

The MyBB development team released a new version of MyBB 1.8. MyBB 1.8.7 is a maintenance and security update. It does fix 13 security vulnerabilities and 83 reported issues of MyBB 1.8.6.
Beside a lot of low-risk XSS injections, a possible SQL Injection in the moderation tool has been fixed which is declared as medium risk.

You should update your MyBB forum as soon as possible to include these security fixes.

If you are upgrading from MyBB 1.8.6 you can use the changed file package for the upgrade to 1.8.7. Do not forget to make backups first and run the update script after you replaced your old files with the new ones!

You can find the update descriptions on the official MyBB blog.

You should always keep your MyBB at the newest version to prevent hackers from getting access to your forums files and data. If there are security updates you should always update your forum as soon as possible.

This has been the first update that was not released for MyBB 1.6 too, because the support period for MyBB 1.6 has ended. I do expect that MyBB 1.6 does still carry the same security issues as 1.8.6 does. If you are still using MyBB 1.6 it’s the final call to update to 1.8 now.

Translate your MyBB forum in more languages

If you have great topics in your forum, you should get visitors from many countries, even if they do not speak the main forum language. I’ll talk about a proper multilanguage setup of your forum in this blog post.

One of the advantages of MyBB is the amount of languages available for the forum software. Continue reading Translate your MyBB forum in more languages