Tag: MyBB 1.8

The new version of MyBB fixes three security risks and 14 other issues.

Two of the security risks are with a medium risk potential.

But don’t forget to create you backup before updating your MyBB.

The new MyBB 1.8.11 is available and ready to download. It fixes three security risks, for example a gap in the email-MyCode.

Also there have been fixed 32 other issues, so you should download the new version really quick.

Because of changes in the structure of the database, the execution of the upgrade scripts is required.

MyBB 1.8.10 has been released. It’s a pure maintenance update which does fix 22 reported issues with MyBB 1.8 series.

You can (and should) download it from Mybb.com and update your forum to 1.8.10. Please note, that the upgrade script is required and don’t forget to backup your forum before updating!

MyBB 1.8.9 is out and it does fix one low security risk.

It is possible to start a CSRF attack on MyBB 1.8.8 when removing subscriptions. 1.8.9 does fix that issue.

There have been 52 other reported issues fixed so updating your MyBB is highly recommended although it’s not that urgent.

The fixed issues include:

Continue reading MyBB 1.8.9 fixes one low security risk

MyBB 1.8.8 has been released. The new version does fix 7 security vulnerabilities, four of them with a medium risk potential. There have been 58 issues fixed.

You should update your MyBB as soon as possible. Don’t forget to create a backup before updating your installation. The update script is required.

The Merge System has also been updated to version 1.8.8.

The MyBB development team released a new version of MyBB 1.8. MyBB 1.8.7 is a maintenance and security update. It does fix 13 security vulnerabilities and 83 reported issues of MyBB 1.8.6.
Beside a lot of low-risk XSS injections, a possible SQL Injection in the moderation tool has been fixed which is declared as medium risk.

You should update your MyBB forum as soon as possible to include these security fixes.

If you are upgrading from MyBB 1.8.6 you can use the changed file package for the upgrade to 1.8.7. Do not forget to make backups first and run the update script after you replaced your old files with the new ones!

You can find the update descriptions on the official MyBB blog.

You should always keep your MyBB at the newest version to prevent hackers from getting access to your forums files and data. If there are security updates you should always update your forum as soon as possible.

This has been the first update that was not released for MyBB 1.6 too, because the support period for MyBB 1.6 has ended. I do expect that MyBB 1.6 does still carry the same security issues as 1.8.6 does. If you are still using MyBB 1.6 it’s the final call to update to 1.8 now.

If you do run MyBB on a Windows Server with the built-in IIS webserver you might notice that MyBB is slower on IIS installations than on Apache.

The reason is in the database connection of the default installation of MyBB. The default value for the database server is localhost which is correct for most installations. On IIS, setting localhost as database server will cause a DNS lookup in the system. This DNS lookup takes some time and slows down your MyBB on every single database connection start.

The lookup can be prevented which saves you up to two seconds on each pageload if you do not set localhost as database server but use the IP of the database server. In most cases, you’ll have the database on the same – local – server and the IP will be 127.0.0.1.

Continue reading Speed up MyBB on IIS installations

MyBB has no default setting to deactivate the registration agreement for your users. The following tutorial will show you, how you can deactivate the agreement if you do not need it. Continue reading Deactivate MyBB Registration Agreement