[Rant] Forum safety in general.

[Corile]

So after the recent incident with XSSTC-vulnerable bbcode on the forums (this, which is now fortunately fixed thanks to @Alley, so I can talk about it) I really have to ask what precautions are done in the way of forum information security.

I have been here for just over two years now and on two separate occasions I've witnessed flaws that could have brought the forums down entirely and the only reason they didn't is because in both cases there was a responsible person (the same in both instances) on the hotline that could fix them.

The first one was the infamous forum rollback, during which there even were questions flying around about a possible restart of the entire Discovery if no backups were found (and as far as I understand they were found only because Alley had some laying around by chance), the second one was the aforementioned XSS vulnerability which was open to attack for about two months (and if you don't believe me, have a read: this and this should give you an idea).

So now, we have people in the community that are versed with web development ( @Alley is god, @Error coded the navmap, yours truly has administrated two long-lasting MyBB boards for a while) so why is stuff done even without going through those people? Some of this is potentially destructive if you don't know what you're doing.

---

Reflections on the Revolution in Gallia
Custodi // High City of Heraklion // The Cult of Archangels
Log Filter // Post Creator // Manhattan