Kunena 6.3.6 Released - Security release

The Kunena team has announce the arrival of Kunena 6.3.6 [K 6.3.6] in stable which is now available for download as a native Joomla extension for J! 4.4.x/5.0.x/5.1.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 and issues discovered during the last development stages of K 6.3
Note: Please go to the Kunena Dashboard after an upgrade so that the Kunena database tables are also updated.

This is for users to help other users, to discuss topics that are related to forum administration in general or problems in running Joomla. This is not the place to ask for Joomla support. If you want assistance with Joomla please ask at forum.joomla.org

Question Internal Sabotage by personnel of Hosting Provider

More
1 month 1 day ago #1 by sthop
Hello,

I am looking around for a Hosting Provider that can manage my opinion-website built on Joomla version 5 platform with Kunena Forum v.6.3.5 extension built-in.
My experience, especially by the repressive attitude in the Netherlands, is that there is a risk of 'internal sabotage' by hosting personnel (admins) with a different opinion. Do you recognise this? Have you experienced any opposition or strange circumstances?
So, I have become cautious and have some questions:
How can I detect technical sabotage in Joomla v.5 or in Kunena Forum v.6.3.5?
How can I prevent technical sabotage?
Which (international) Hosting Provider can you propose that is politically, religiously and culturally neutral?

Friendly regards,
Sthop

Please Log in or Create an account to join the conversation.

More
1 month 11 hours ago #2 by Pinkeltje
This question has nothing to do with Kunena. It also seems strange to me that hosting staff would take the time to sabotage a site.

Please Log in or Create an account to join the conversation.

More
4 weeks 1 day ago - 4 weeks 1 day ago #3 by sthop
Hello Pinkeltje,
What the questions have to do with Kunena is:
Does Kunena environment have access for a secret admin (for example, via database) by an aggrieved employee?
My questions are not about the Hosting Provider as an organisation, but by any employee with an opposing view who wants to undermine my site covertly.
Which (international) Hosting Provider may you propose that is politically, religiously and culturally neutral?
Friendly regards,
Sthop
Last edit: 4 weeks 1 day ago by sthop.

Please Log in or Create an account to join the conversation.

More
4 weeks 1 day ago #4 by Pinkeltje
Have you experienced this or is this a hypothetical question?

Please Log in or Create an account to join the conversation.

More
3 weeks 6 days ago #5 by ruud

Hello Pinkeltje,
What the questions have to do with Kunena is:
Does Kunena environment have access for a secret admin (for example, via database) by an aggrieved employee?
My questions are not about the Hosting Provider as an organisation, but by any employee with an opposing view who wants to undermine my site covertly.
Which (international) Hosting Provider may you propose that is politically, religiously and culturally neutral?
Friendly regards,
Sthop
 
Kunena is build upon Joomla and uses it's user accounts and access rights implementation. Joomla is build upon a web server and a database (likely mysql).

That said: everybody with access to the files on the web server can change whatever they like and access the database to change / delete topics / replies.

This goes for all extensions / plugins / etc.

So if your 'aggrieved' employee can get his hands on server / ftp access then he will also be able to change database entries (even without you knowing it).

I do it myself 'all' the time: get a support request from a customer and reply to this question only to find out that I was logged in with my admin account and not with my user account. I then go into the database and swap out the admin user id with my own user id in the correct tables / messages, et voila: the answer is now made by the correct user account.

sharing = caring
The following user(s) said Thank You: sthop

Please Log in or Create an account to join the conversation.

More
3 weeks 6 days ago #6 by sthop
Ruud,
Thank you for your reply.
Friendly regards,
Sthop

Please Log in or Create an account to join the conversation.

Time to create page: 0.626 seconds