Major Update [Server, Security, Features]
#1
Major Update [Server, Security, Features] - September 2016
Finally a long awaited update! Too be honest I should have gotten this done a lot sooner, but it got delayed for many reasons. Including bug hunting, motivational issues and all. But here's a few new things!
  • Server Upgrades
    1. Higher performance, more resources for the money.
      Although economically I have it harder nowadays it was worth it :) We get more resources for our money. We definetly won't have to move servers any time soon.
    2. Optimized for higher traffic flows and such.
      Webservers, Databases, OS and other components have been optimized and tuned for hopefully better performance of the site for most of you. If there's any issues with it, please let me know and I'll see if I can fix any eventual issues.
  • Security Upgrades
    1. Bcrypt Hashes Implemented to the login system.
      We now have a better and more secure password hash system. Generally your passwords will become stronger and harder in case of any potential breach. Please make sure to logout and re-login into the site to have your password updated. Eventually I might enforce a mass reset of passwords to update the password, but for now I'll be happy with all the active members seeing this notification and updating manually.
    2. Minor IP leak vulnerability fixed.
      Just a small thing I discovered before, involving SSL certificates giving out our url to bots and scanners, linking the backend IP with GreySec. It's been fixed on this new server, and hopefully it won't be found again for a while :p
  • Feature Upgrades
    1. "Thank you" added for posts and threads.
      As promised before after previous suggestion threads I've added a "thank you" feature. It's very useful for lurkers who want to interact with the forum but don't feel they have any constructive to add to the thread. Feel free to use it as you please. I'm going to work at making greysec more reliant on the thank you score in the future and give less attention to reputation. In the end a "thank you" for a constructive post will reflect your contributions more than just reputation.
    2. Post stats added at the bottom of index.
      After previously discussed suggestion threads about side bars and such I've decided to add the prostats bar at the bottom. It will help everyone in finding the latest threads. In addition there's also a top thanks list and a top referer, in hopes to encourage more referers and give recognition to the people who do so.
    3. RSS for New Posts!
      See: https://greysec.net/showthread.php?tid=528 It's been added and implemented. Enjoy!
    4. Default Avatar fixed.
      Our previous default avatars url died due to filehost going down. Honestly I'm not sure why I added a default avatar in the first place, looks better without one. So you might have been noticing broken image avatars lately. Which I did remove, but empty avatars was not available as default avatar, anyway that as been fixed now. Minor update :p If you don't notice the change, do CTRL+F5 to clear CSS cache.
    5. New [bb] code added!
      • Chapter Tags Added. (Wikipedia Style Chapter sections)
        Code:
        [chapter]test[/chapter]
      • Table Tags / Table Generator
        Code:
        [table]
        [*][row][cell]Username[/cell][cell]Password[/cell][/row]
        [*][/table]
      • Spoilers are back!
        Code:
        [spoiler]test![/spoiler]
        [*][spoiler="Secret"][/spoiler]
      • Username Tag added! (Displays the username of the username reading the thread)
        Code:
        [username]
Let me also take this opprotunity to tell you all about what I hope to also add on GreySec very soon. (See it as a public TODO list, I'm more likely to get it done sooner if announce it anyway :p Procastrination...)
  • Higher Level usergroup for contributing members (Similar to VIP group, with their own section)
    I've been planning this for a long time, see. They will have some premium privileges like their own private section, own userbar, higher rep handouts and other things. I'll be implementing this very soon. Stay tuned!
  • [bb] Code improvements
    I'm going to add LaTex codes and improve our (code) tags to a more resource efficient plugin soon.
  • New theme!
    Some of you may know that I've been working on a new theme lately. It's been on a standstill but I'll be taking up my work on it and hopefully be able to introduce it within the next coming months. Old theme will of course will be left for those who prefer it.
  • SEO and advertising?
    Right now my focus is to make sure everything works without bugs and it all works. But I'll be focusing more on improving our SEO soon. And without further ado I'll start advertising GreySec as of this moment (After thread has been posted). Expect some new members!
  • Help documents and Rule improvements
    I'm going to improve our rules soon, make it more clear and easy. Hopefully more reasonable to most people as well. As well as a few other administrative and boring things :p

    And many many more things to come in the future!!
    ALL HAIL GREYSEC!
    ♪♬ *Plays in the background* ♫♩
    (I haven't felt this motivated in months)
Reply
#2
(09-19-2016, 07:15 PM)Insider Wrote: RSS for New Posts!
See: https://greysec.net/showthread.php?tid=528 It's been added and implemented. Enjoy!

Yay, finally! I'm curious where you live that 'today' lasts for 11months for the rest of us though :p

(10-19-2015, 07:30 AM)Insider Wrote: That's very helpful Big Grin Thank you dropzone, I'll fix this today.
Reply
#3
(09-19-2016, 08:36 PM)dropzone Wrote:
(09-19-2016, 07:15 PM)Insider Wrote: RSS for New Posts!
See: https://greysec.net/showthread.php?tid=528 It's been added and implemented. Enjoy!

Yay, finally! I'm curious where you live that 'today' lasts for 11months for the rest of us though :p

(10-19-2015, 07:30 AM)Insider Wrote: That's very helpful Big Grin Thank you dropzone, I'll fix this today.

Well I actually live in another solar system, where the planets rotation is much slower. So according to my time there it is indeed correct!
Spoiler(Show)
Haha but in all seriousness, yeah. I should have gotten that done a lot more sooner :p I've had lots of things prevent me, due to all sorts of reasons. Admittedly some of them being procrastination :p But now that I finally pushed some of the most important updates I've been wanting to do, I can finally focus more on advertising.
Reply
#4
Fantastic! Finally my introduction to hacking is properly formatted! But as drop zone pointed out there is a CSRF on the thanks button. I'm also getting some 404s on images like to logo but it's probably just a caching issue.
Reply
#5
Awesome job man, happy to see you motivated. Resetting password now and keep up the good work.
Reply
#6
(09-20-2016, 07:55 AM)NO-OP Wrote: Fantastic!  Finally my introduction to hacking is properly formatted!  But as drop zone pointed out there is a CSRF on the thanks button.  I'm also getting some 404s on images like to logo but it's probably just a caching issue.

Could you try clearing your CSS or Browser cache, and see if it works? Everything works for me, I've cleared the cache. And if this doesn't fix it, can you show me which images are missing?

And also yeah, had no idea about that CSRF haha, I'll see if I can get that fixed soon. Might not be an urgent vulnerability, but it's still a vulnerability.

(09-20-2016, 08:33 AM)Vector Wrote: Awesome job man, happy to see you motivated. Resetting password now and keep up the good work.

You don't actually need to reset password, all you need to do is to log out and then log in again Smile But thanks for the feedback!
Reply
#7
(09-20-2016, 10:47 AM)Insider Wrote:
(09-20-2016, 07:55 AM)NO-OP Wrote: Fantastic!  Finally my introduction to hacking is properly formatted!  But as drop zone pointed out there is a CSRF on the thanks button.  I'm also getting some 404s on images like to logo but it's probably just a caching issue.

Could you try clearing your CSS or Browser cache, and see if it works? Everything works for me, I've cleared the cache. And if this doesn't fix it, can you show me which images are missing?

And also yeah, had no idea about that CSRF haha, I'll see if I can get that fixed soon. Might not be an urgent vulnerability, but it's still a vulnerability.

(09-20-2016, 08:33 AM)Vector Wrote: Awesome job man, happy to see you motivated. Resetting password now and keep up the good work.

You don't actually need to reset password, all you need to do is to log out and then log in again Smile But thanks for the feedback!

My password was due for a change anyway, i like to switch them up from time to time Smile I changed it and relogged.
Reply
#8
Wow, that's great Smile
Thanks for the work !
Reply
#9
Very cool new features..
Good work Insider. Keep it up Wink
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  2021 November Update Insider 5 11,278 12-24-2021, 01:49 PM
Last Post: dev
  2021 Update - Revamp of rules and more... Insider 0 15,875 02-04-2021, 01:14 AM
Last Post: Insider
  [10-23-2017] Minor news-update - New SuperModerator Insider 3 29,045 10-29-2017, 09:10 PM
Last Post: enmafia2
  [02-17-2016] Server reboot and Glibc Insider 0 15,536 02-17-2016, 09:21 PM
Last Post: Insider