FluxBB

It is time for an update on the status of FluxBB 2.0. Development has been progressing, albeit very slowly. This is, in part, caused by time constraints, but there are many other things that could be better: I decided to develop the forum using ... [More] components from the Laravel framework, a tool I am very comfortable with, but which none of the other developers have used before. I could have done better in making it clear which tasks can be taken up by volunteers, where I need help, from things that are easy to pick up to complex architectural decisions. Communication, basically. Things have to get better.Therefore, I am delighted to announce that FluxBB 2.0 will from now on be part of the Flarum project. Flarum is being developed by Toby Zerner, the creator of the esoTalk forum software.What is this Flarum thing?The vision for Flarum is very similar to the one we have for FluxBB 2.0: provide a very basic forum software that brings all the essential features a forum needs, and nothing else. Users should be able to customize their forums to their liking, using extensions that are easy to install and can modify and extend the forum core. Toby outlined his ideas for Flarum in a post on his blog. Flarum is currently at a point in its development that's very similar to that of FluxBB 2.0. Its backend is built on the same foundation (the Laravel framework), so we can truly merge some of our code.What does this mean for FluxBB?First of all, nothing should change for you. We will continue to support the 1.5 branch, providing regular maintenance releases as we used to. When Flarum hits beta, we will start providing an upgrade path for users of older FluxBB versions. But don't worry, we won't leave you alone with your FluxBB forums. As long as a significant fraction of users still run FluxBB, we will continue to support the latest version, at least with security fixes.We believe that this decision is for the very best of the FluxBB community. To be honest: seeing the previous pace of development, FluxBB 2.0 would have still been a long time away. With Toby taking time off college to develop Flarum and determined to implement his roadmap, you will likely be able to test-drive a new forum soon. Also, our skill sets are quite complementary: Toby will work his frontend magic to deliver a pleasant user experience, while I will focus on developing the backend and making that as fast as possible.I encourage you to check out a very early demo of Flarum to see what it's all about.If you're interested in contributing (code or wise thoughts) to the development of Flarum, head over to the development forum and post away.Please let us know any feedback you have - we want to hear your comments, questions and concerns. [Less]

It is time for an update on the status of FluxBB 2.0. Development has been progressing, albeit very slowly. This is, in part, caused by time constraints, but there are many other things that could be better: I decided to develop the forum using ... [More] components from the Laravel framework, a tool I am very comfortable with, but which none of the other developers have used before. I could have done better in making it clear which tasks can be taken up by volunteers, where I need help, from things that are easy to pick up to complex architectural decisions. Communication, basically. Things have to get better.Therefore, I am delighted to announce that FluxBB 2.0 will from now on be part of the Flarum project. Flarum is being developed by Toby Zerner, the creator of the esoTalk forum software.What is this Flarum thing?The vision for Flarum is very similar to the one we have for FluxBB 2.0: provide a very basic forum software that brings all the essential features a forum needs, and nothing else. Users should be able to customize their forums to their liking, using extensions that are easy to install and can modify and extend the forum core. Toby outlined his ideas for Flarum in a post on his blog. Flarum is currently at a point in its development that's very similar to that of FluxBB 2.0. Its backend is built on the same foundation (the Laravel framework), so we can truly merge some of our code.What does this mean for FluxBB?First of all, nothing should change for you. We will continue to support the 1.5 branch, providing regular maintenance releases as we used to. When Flarum hits beta, we will start providing an upgrade path for users of older FluxBB versions. But don't worry, we won't leave you alone with your FluxBB forums. As long as a significant fraction of users still run FluxBB, we will continue to support the latest version, at least with security fixes.We believe that this decision is for the very best of the FluxBB community. To be honest: seeing the previous pace of development, FluxBB 2.0 would have still been a long time away. With Toby taking time off college to develop Flarum and determined to implement his roadmap, you will likely be able to test-drive a new forum soon. Also, our skill sets are quite complementary: Toby will work his frontend magic to deliver a pleasant user experience, while I will focus on developing the backend and making that as fast as possible.I encourage you to check out a very early demo of Flarum to see what it's all about.If you're interested in contributing (code or wise thoughts) to the development of Flarum, head over to the development forum and post away.Please let us know any feedback you have - we want to hear your comments, questions and concerns. [Less]

It is my pleasure to announce the long-awaited release of FluxBB version 1.5.8.Security fixThis release fixes a minor security issue in install.php. The installer could be tricked into loading and executing any file named install.php. Abuse of this ... [More] vulnerability could have only been possible in combination with other security issues that would have allowed an attacker to create files with that name.If you want to stay on the safe side no matter what, just delete your install.php file by hand or do it from the admin panel after the upgrade.Anti-spam addonsAs a special present, we made it super-easy to install anti-spam modifications by providing a few hooks where these modifications can hook into. All you will need to do to install this new generation of anti-spam tools is to copy one or two files into certain folders of your FluxBB installation. We hope this change encourages the community to create a broad range of more diverse antispam tools, so that spammers will hit unpredictable obstacles when targetting FluxBB. As an example, I have created a modification that adds Google's new reCAPTCHA system to your registration page. Expect more documentation in the next days.Other highlightsThe new version also brings some security hardening, fine-tuning, several small features and usability improvements to your forum. Here's a list of the highlights:Clickjacking attacks should now be prevented by modern browsersDirect links to certain actions from notification emailsQuickly promote users to the next groupNew moderator permission for promoting usersStreamlined forum creation processImproved default styles and dropped support for Internet Explorer 6Everything else can be found in the full changelog.I am very grateful for the following community members due to their help and support in getting this version ready: adaur, altjo, Askelon, chris98, GeonoTron2000, jmleroux, Pierre, quy, seven, Studio384, Visman and 123.Also, a big thanks to the High-Tech Bridge Security Research Lab for their responsible cooperation in getting the vulnerability fixed.So, go ahead and download the new version on the downloads page. You can find patches on the upgrade page. As always, don't forget to make a backup of both your files and your database before the upgrade.Thank you for using FluxBB! [Less]

It is my pleasure to announce the long-awaited release of FluxBB version 1.5.8.Security fixThis release fixes a minor security issue in install.php. The installer could be tricked into loading and executing any file named install.php. Abuse of this ... [More] vulnerability could have only been possible in combination with other security issues that would have allowed an attacker to create files with that name.If you want to stay on the safe side no matter what, just delete your install.php file by hand or do it from the admin panel after the upgrade.Anti-spam addonsAs a special present, we made it super-easy to install anti-spam modifications by providing a few hooks where these modifications can hook into. All you will need to do to install this new generation of anti-spam tools is to copy one or two files into certain folders of your FluxBB installation. We hope this change encourages the community to create a broad range of more diverse antispam tools, so that spammers will hit unpredictable obstacles when targetting FluxBB. As an example, I have created a modification that adds Google's new reCAPTCHA system to your registration page. Expect more documentation in the next days.Other highlightsThe new version also brings some security hardening, fine-tuning, several small features and usability improvements to your forum. Here's a list of the highlights:Clickjacking attacks should now be prevented by modern browsersDirect links to certain actions from notification emailsQuickly promote users to the next groupNew moderator permission for promoting usersStreamlined forum creation processImproved default styles and dropped support for Internet Explorer 6Everything else can be found in the full changelog.I am very grateful for the following community members due to their help and support in getting this version ready: adaur, altjo, Askelon, chris98, GeonoTron2000, jmleroux, Pierre, quy, seven, Studio384, Visman and 123.Also, a big thanks to the High-Tech Bridge Security Research Lab for their responsible cooperation in getting the vulnerability fixed.So, go ahead and download the new version on the downloads page. You can find patches on the upgrade page. As always, don't forget to make a backup of both your files and your database before the upgrade.Thank you for using FluxBB! [Less]

It is my pleasure to announce the long-awaited release of FluxBB version 1.5.8.Security fixThis release fixes a minor security issue in install.php. The installer could be tricked into loading and executing any file named install.php. Abuse of this ... [More] vulnerability could have only been possible in combination with other security issues that would have allowed an attacker to create files with that name.If you want to stay on the safe side no matter what, just delete your install.php file by hand or do it from the admin panel after the upgrade.Anti-spam addonsAs a special present, we made it super-easy to install anti-spam modifications by providing a few hooks where these modifications can hook into. All you will need to do to install this new generation of anti-spam tools is to copy one or two files into certain folders of your FluxBB installation. We hope this change encourages the community to create a broad range of more diverse antispam tools, so that spammers will hit unpredictable obstacles when targetting FluxBB. As an example, I have created a modification that adds Google's new reCAPTCHA system to your registration page. Expect more documentation in the next days.Other highlightsThe new version also brings some security hardening, fine-tuning, several small features and usability improvements to your forum. Here's a list of the highlights: Clickjacking attacks should now be prevented by modern browsers Direct links to certain actions from notification emails Quickly promote users to the next group New moderator permission for promoting users Streamlined forum creation process Improved default styles and dropped support for Internet Explorer 6 Everything else can be found in the full changelog.I am very grateful for the following community members due to their help and support in getting this version ready: adaur, altjo, Askelon, chris98, GeonoTron2000, jmleroux, Pierre, quy, seven, Studio384, Visman and 123.Also, a big thanks to the High-Tech Bridge Security Research Lab for their responsible cooperation in getting the vulnerability fixed.So, go ahead and download the new version on the downloads page. You can find patches on the upgrade page. As always, don't forget to make a backup of both your files and your database before the upgrade.Thank you for using FluxBB! [Less]

It is my pleasure to announce the long-awaited release of FluxBB version 1.5.8.Security fixThis release fixes a minor security issue in install.php. The installer could be tricked into loading and executing any file named install.php. Abuse of this ... [More] vulnerability could have only been possible in combination with other security issues that would have allowed an attacker to create files with that name.If you want to stay on the safe side no matter what, just delete your install.php file by hand or do it from the admin panel after the upgrade.Anti-spam addonsAs a special present, we made it super-easy to install anti-spam modifications by providing a few hooks where these modifications can hook into. All you will need to do to install this new generation of anti-spam tools is to copy one or two files into certain folders of your FluxBB installation. We hope this change encourages the community to create a broad range of more diverse antispam tools, so that spammers will hit unpredictable obstacles when targetting FluxBB. As an example, I have created a modification that adds Google's new reCAPTCHA system to your registration page. Expect more documentation in the next days.Other highlightsThe new version also brings some security hardening, fine-tuning, several small features and usability improvements to your forum. Here's a list of the highlights: Clickjacking attacks should now be prevented by modern browsers Direct links to certain actions from notification emails Quickly promote users to the next group New moderator permission for promoting users Streamlined forum creation process Improved default styles and dropped support for Internet Explorer 6 Everything else can be found in the full changelog.I am very grateful for the following community members due to their help and support in getting this version ready: adaur, altjo, Askelon, chris98, GeonoTron2000, jmleroux, Pierre, quy, seven, Studio384, Visman and 123.Also, a big thanks to the High-Tech Bridge Security Research Lab for their responsible cooperation in getting the vulnerability fixed.So, go ahead and download the new version on the downloads page. You can find patches on the upgrade page. As always, don't forget to make a backup of both your files and your database before the upgrade.Thank you for using FluxBB! [Less]

Security fixes!Today we inform you about the release of two new FluxBB versions - v1.5.7 and v1.4.13.These releases fix a critical security vulnerability that could potentially allow clever attackers to take over other user accounts on a FluxBB ... [More] forum.We also fixed another less severe issue related to redirects in login.php.To keep the release (and accompanying patches small), we pushed back the planned and already implemented improvements to a v1.5.8 release due in November.We want to thank everyone at ramhost.us for the very responsible disclosure of the vulnerability as well as their friendly communication. Patches were contributed by adaur and quy. Thanks, guys!Please update your forums as soon as possible! As always, you can find complete download packages on the downloads page. Patches and changed files can be obtained on the upgrade page.We apologize for the inconvenience and assure you that we are trying our best to avoid problems like these, now and in the future.Security mailing listIn the days prior to this release, we have contacted several prominent community members and large FluxBB forums to give them time to patch their installs. To keep you all in the loop, we have created a new security mailing list. We will use that exclusively to contact you in case of security-relevant releases. You can sign up through a single click of a button in your site profile. Please consider doing so to stay informed and keep your forums up-to-date. [Less]

Security fixes!Today we inform you about the release of two new FluxBB versions - v1.5.7 and v1.4.13.These releases fix a critical security vulnerability that could potentially allow clever attackers to take over other user accounts on a FluxBB ... [More] forum.We also fixed another less severe issue related to redirects in login.php.To keep the release (and accompanying patches small), we pushed back the planned and already implemented improvements to a v1.5.8 release due in November.We want to thank everyone at ramhost.us for the very responsible disclosure of the vulnerability as well as their friendly communication. Patches were contributed by adaur and quy. Thanks, guys!Please update your forums as soon as possible! As always, you can find complete download packages on the downloads page. Patches and changed files can be obtained on the upgrade page.We apologize for the inconvenience and assure you that we are trying our best to avoid problems like these, now and in the future.Security mailing listIn the days prior to this release, we have contacted several prominent community members and large FluxBB forums to give them time to patch their installs. To keep you all in the loop, we have created a new security mailing list. We will use that exclusively to contact you in case of security-relevant releases. You can sign up through a single click of a button in your site profile. Please consider doing so to stay informed and keep your forums up-to-date. [Less]

Security fixes!Today we inform you about the release of two new FluxBB versions - v1.5.7 and v1.4.13.These releases fix a critical security vulnerability that could potentially allow clever attackers to take over other user accounts on a FluxBB ... [More] forum.We also fixed another less severe issue related to redirects in login.php.To keep the release (and accompanying patches small), we pushed back the planned and already implemented improvements to a v1.5.8 release due in November.We want to thank everyone at ramhost.us for the very responsible disclosure of the vulnerability as well as their friendly communication. Patches were contributed by adaur and quy. Thanks, guys!Please update your forums as soon as possible! As always, you can find complete download packages on the downloads page. Patches and changed files can be obtained on the upgrade page.We apologize for the inconvenience and assure you that we are trying our best to avoid problems like these, now and in the future.Security mailing listIn the days prior to this release, we have contacted several prominent community members and large FluxBB forums to give them time to patch their installs. To keep you all in the loop, we have created a new security mailing list. We will use that exclusively to contact you in case of security-relevant releases. You can sign up through a single click of a button in your site profile. Please consider doing so to stay informed and keep your forums up-to-date. [Less]

Security fixes!Today we inform you about the release of two new FluxBB versions - v1.5.7 and v1.4.13.These releases fix a critical security vulnerability that could potentially allow clever attackers to take over other user accounts on a FluxBB ... [More] forum.We also fixed another less severe issue related to redirects in login.php.To keep the release (and accompanying patches small), we pushed back the planned and already implemented improvements to a v1.5.8 release due in November.We want to thank everyone at ramhost.us for the very responsible disclosure of the vulnerability as well as their friendly communication. Patches were contributed by adaur and quy. Thanks, guys!Please update your forums as soon as possible! As always, you can find complete download packages on the downloads page. Patches and changed files can be obtained on the upgrade page.We apologize for the inconvenience and assure you that we are trying our best to avoid problems like these, now and in the future.Security mailing listIn the days prior to this release, we have contacted several prominent community members and large FluxBB forums to give them time to patch their installs. To keep you all in the loop, we have created a new security mailing list. We will use that exclusively to contact you in case of security-relevant releases. You can sign up through a single click of a button in your site profile. Please consider doing so to stay informed and keep your forums up-to-date. [Less]