Blokker_1999

As far as I know phpbb3 uses the phpass framework. MD5 has been considered insecure for many years now. Any site still using it might as well simply use plain text.

If al you want to do is raise awareness of a bug then I have to agree. The bug tracker is not a forum and even on a forum people don't like bumping old posts for no real reason.

viewtopic.php?f=13&t=90918

community runs on a different box hosted with hetzner, not ovh. It had a small hardware failure and needed some repairs.

right, i'll have someone look into that

unable to reproduce

first off: assumption is the mother of all f*ckups. We don't use apache and therefore we don't have a .htaccess second: the /wiki/ subdir is something that mediawiki does by default. Blame them, not us. And why does it even bother you? Typing in wiki.multitheftauto.com in your browser takes you to our wiki. After that it's all just bookmarks and/or copy/paste.

But what was a great idea? The fact that we take the hit when someone wants to attack a server (and spent thousands of euros/dollars/pounds/...) on it, money we do not have as well as increase latancy for anyone anyway because they would have to proxy trough our servers? Or the fact that you can use a name instea of an IP (something that is perfectly possible: )?

Further more, i have been told by multiple people that when you type a domain name in the quick connect bar instead of an ip, the client will resolve the domain and connect. So the image in the OP is also wrong. It does work.

DNS names already get resolved with the protocol handler. If they don't get resolved in the quick connect bar, file a bug report please. There is also no need or no advantage for us to set up an infrastructure to get a something.mtasa.com . It would even get confusing to players because they will beleive that if a server has an .mtasa.com domain that it is something official from us.

As has been stated, this offers 0 protection. DNS does not hide anything, it is just a way to translate a name to a number like a phonebook. You can even browse that phonebook. see: http://jupiter.modpro.be/dns.png . Phonebook browsing on the left, tools let you even decide which phonebook (i used opendns here). An online tool for DNS checking on the right The only way to take the load off a server would be to hide it behind another system like a proxy. But than the proxy would become the target of any potential vandal so you are just shifting the problem. Even if you did not use DNS, but MTA added it's own alternative, in the end the client, your game, still has to connect to that server. You can than find the IP of that server by simple tools like netstat (available in every OS) or by more complex tools like wireshark.

Apparently I've got a ban for the same reason, except mine didn't have a backdoor. They just assumed it had backdoor because it was compiled. The administrators here are lame. I do think that insulting the admins might not be the best way to resolve such a situation.

you need a syntax highlighter like geshi: https://www.phpbb.com/community/viewtop ... 0&t=564569 . Note that the [lua] tags our board uses are a custom, small modification.

A few notes: - if you have no experience in maintaining your own server, practice in a virtual machine at home before taking to the internet - there is a reason why MySQL does not allow remote connections by default. Use them only if absolutly necessary. - do not use a GRANT ALL on a database unless it is absolutly necessary. Use user permissions with care. Only give them rights they should have, nothing more. And do not accept connections from % unless you have no other choice (dynamic IPs can by a PITA), if you are connecting from another dedicated server, limit the user account to that IP.

euhm ... what CPU does 6GHz?