BetaArchive Logo
Navigation Home Screenshots Image Uploader Server Info FTP Servers Wiki Forum RSS Feed Rules Please Donate
UP: 26d, 7h, 21m | CPU: 52% | MEM: 5997MB of 11135MB used
{The community for beta collectors}

Post new topic Reply to topic  [ 18 posts ] 
Author Message
 PostPost subject: Your 404 Error        Posted: Mon Apr 13, 2009 12:17 am 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
I just checked your 404 page and realise that you haven't customised it fully.

As I am sure you are aware, this can be a rather large security hole when someone attempts to scan for any open ports on your server, as potential hackers can use server-based exploits to gain illegal access to a server. I would advise you to fully customise your 404 page, otherwise you are leaving quite the security gap in your site.

Note: This customisation is useless against header spies, but you probably already knew that too.

EDIT: I wasn't being very clear; basically, I suggest you hide your server type.

-AC

_________________
Web developer, part-time moderator, full-time CSS wizard.


Last edited by Alpha-Critik on Mon Apr 13, 2009 12:22 am, edited 1 time in total.

Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 12:21 am 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Alpha-Critik wrote:
I just checked your 404 page and realise that you haven't customised it fully.

As I am sure you are aware, this can be a rather large security hole when someone attempts to scan for any open ports on your server, as potential hackers can use server-based exploits to gain illegal access to a server. I would advise you to fully customise your 404 page, otherwise you are leaving quite the security gap in your site.

Note: This customisation is useless against header spies, but you probably already knew that too.

EDIT: I wasn't being very clear; basically, I suggest you hide your server type.

-AC


You have no idea what you're talking about do you?

I've worked with servers for over 6 years, and I'm a web designer and programmer by trade. A generic 404 page has no security implications what-so-ever. It means exactly the same thing as a custom page, its just less elegant. As for server-based exploits, any server is open to those if they run insecure scripts. A stand alone web server with no scripts on it has no chance of being hacked through the web server. As for port scanning, I don't see how a customised 404 page would stop that either... Anyone could port scan the server. I could port scan you right now and tell you what you are running... Hiding the server type will also have no effect on a hacker. If they want to be into the system, they'll get in. The web server is not the security problem here, the scripts you run on the web server are.

I suggest you look into server security before coming out with this sort of thing.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 12:24 am 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
1. Let me design a 404 page for you, it would be my pleasure.
2. Sorry. Imma go slap the guy who told me that.

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 12:25 am 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Alpha-Critik wrote:
1. Let me design a 404 page for you, it would be my pleasure.
2. Sorry. Imma go slap the guy who told me that.


We don't need a custom 404 page, because we have no broken links. Even if we did, who cares? Everyone knows what a 404 error means, so they go back and try another link.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 12:27 am 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
Oh... Damn, I haven't had an excuse to fire up Dreamweaver in a pretty long time... Ok then. Sorry to bother you, Andy.

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 4:02 am 
Reply with quote
Donator
Offline

Joined
Fri Oct 26, 2007 5:12 pm

Posts
2461
I find it rather sad you took the time out to look at the sites 404 page


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 6:54 am 
Reply with quote
FTP Access
Offline

Joined
Thu Aug 24, 2006 6:28 pm

Posts
352
What;s wrong with a pretty 404?


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 9:16 am 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
expert01 wrote:
What;s wrong with a pretty 404?


Nothing, there is just no need for one if there are no broken links :) Which I know there aren't any because Google Bot stats tell me so :)

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 11:17 am 
Reply with quote
Administrator
User avatar
Offline

Joined
Tue Feb 12, 2008 5:28 pm

Posts
7433
There's no need for a custom 404 since the default one shows pretty much everything needed. The most important thing about any of the error pages is that it outputs a title correctly, since many apps uses the error codes to see what's wrong with a site (bots, stat engines etc). How the page itself looks is just cosmetics. Sure we could make a 404 with the BA theme etc etc, but that's just cosmetics. Doesn't affect any security or function of the site.

It's nice that you do want to help, but I suggest that you report any potential security flaws directly to the staff in the future, we don't want any people reading about them here and exploit them before we manage to correct them.

_________________
Image
Official guidelines: The Definitive Guide to BetaArchive :: Abandonware
Tools: Alcohol120% (Portable)
Listings: BetaArchive Database (beta)
Channels: Discord :: Twitter


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 12:52 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Sun Apr 12, 2009 11:22 pm

Posts
703

Location
/dev/urandom

Favourite OS
W7x64, OSX
Sorry. Common sense isn't really my strong point...

_________________
Web developer, part-time moderator, full-time CSS wizard.


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 3:52 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Alpha-Critik wrote:
Sorry. Common sense isn't really my strong point...


Might be an idea to make it a strong point then, common sense is very important on BA. You'll have the mickey taken out of you a LOT if you don't. We're a friendly community but if you have no common sense then you deserve anything that comes to you (like the replies to this topic).

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 4:25 pm 
Reply with quote
Donator
Offline

Joined
Sat May 24, 2008 10:05 am

Posts
2045
Andy wrote:
Might be an idea to make it a strong point then, common sense is very important on BA. You'll have the mickey taken out of you a LOT if you don't...

For those members of this forum who do not live in western European countries, or countries founded by western Europeans, here are some helpful alternatives to that phrase:

- Take the [censored]
- Ridicule
- Make fun of
- Mock
- Patronize

So there you have it forum members, I hope this has broadened your horizons, and helped you gain a better understanding of what the term "Take the mickey" means.

Also: Who cares what the 404 page looks like, and why would this cause a security hole in any remote way?


ADD: Why is the more colorful word for urinate censored?


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 4:29 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Quote:
ADD: Why is the more colorful word for urinate censored?


Because we have minors on the forum whose parents may not appreciate the use of the word, which is why I avoided using it.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 4:31 pm 
Reply with quote
Donator
Offline

Joined
Sat May 24, 2008 10:05 am

Posts
2045
Yet the words bitch and whore are still allowed...


Top  Profile
 PostPost subject: Re: Your 404 Error        Posted: Mon Apr 13, 2009 4:34 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Bitch is a female dog, and whore is not swearing. Its just a politically incorrect word for prostitute, thats all. Anyway you're going off-topic here.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Tue Apr 14, 2009 9:45 pm 
Reply with quote
Staff
User avatar
Offline

Joined
Thu Nov 30, 2006 6:10 pm

Posts
2647

Location
Land of The Tea.

Favourite OS
Windows 10 Pro x64
Quote:
Alpha-Critik wrote:
Sorry. Common sense isn't really my strong point...


Might be an idea to make it a strong point then, common sense is very important on BA. You'll have the mickey taken out of you a LOT if you don't. We're a friendly community but if you have no common sense then you deserve anything that comes to you (like the replies to this topic).

Owned? :P

_________________
Image
| Personal site - Social links - PC setup | TF2 Game Servers |
Liking traps isn't gay, its not gay if it looks like a girl
I-i-it's n-not as if I wanted to ban you or anything. B-baka. (「・ω・)「


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Tue Apr 14, 2009 9:52 pm 
Reply with quote
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12473

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Remember Josh, you were once the same so don't mock him. Its not nice.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject: Re: Your 404 Error        Posted: Wed Apr 15, 2009 11:36 am 
Reply with quote
Staff
User avatar
Offline

Joined
Thu Nov 30, 2006 6:10 pm

Posts
2647

Location
Land of The Tea.

Favourite OS
Windows 10 Pro x64
I know but I even laughed at my self at times.

_________________
Image
| Personal site - Social links - PC setup | TF2 Game Servers |
Liking traps isn't gay, its not gay if it looks like a girl
I-i-it's n-not as if I wanted to ban you or anything. B-baka. (「・ω・)「


Top  Profile  WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ] 




Who is online

Users browsing this forum: No registered users and 23 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

All views expressed in these forums are those of the author and do not necessarily represent the views of the BetaArchive site owner.

Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018

 

Sitemap | XML | RSS