• Dagonus
  • 59.6% (Neutral)
  • YAF Forumling Topic Starter
13 years ago
Should I upgrade from IIS 6 to IIS7? I'm running YAF 1.9.3. I've been having some security issues on my website (A bot keeps inserting scripts calling executables). I've done the usual password changes. I changed computers to change the password to avoid keyloggers. In fact I upgraded form to 1.9.3 largely in an effort to clamp down security. I was hoping the flaw was in Originally they were in html files and the aspx files for YAF. This time they were just in the ASPX. So I'm wondering in running IIS6 might be to blame, just figuring it's older and likely less secure than II7.

However, I'd heard some people say they had troubles running YAF under II7. Should I upgrade form 6 to 7 or is there a security hole in YAF that lets in scripts that I could close?

  • Jaben
  • 100% (Exalted)
  • YAF Developer
13 years ago
I develop YAF under IIS7. No troubles... The main thing to note is that modules and httpHandlers have been moved in IIS7 web.config.

I believe the security issues are related to your HOSTING, not YAF. I'd know if there were major security holes like script injection in YAF.
YAF Logo Copyright © YetAnotherForum.NET & Ingo Herbote. All rights reserved
About Us

The YAF.NET is an open source .NET forum project. YAF.NET is supported by an team of international developers who are build community by building community software.

Powered by Resharper Donate with PayPal button