Transparency on the hijacking of our Twitter account and 2.0 leaks

Recently our Twitter account was compromised and there have been questions in the community about what happened.  We’d like to take some time for a short explanation of what happened.

On January 27th, a MyBB group team member's account was compromised, as well as his personal website. We had unfortunately been storing our Twitter account password in plaintext in a thread. The attacker found the password, changed the email & password of the @MyBB Twitter account and began to post offensive messages. IPs of staff members were also released during this time, as well as installation statistics. Within two hours, we had isolated the breach and banned the staff member's account to prevent any further perusing of private data. The staff member in question does not have access to the Admin Control Panel, so no private user data was accessible. We have no reason to believe any other information was accessed. The staff member is currently on a leave of absence related to personal issues not related to MyBB.

We immediately contacted Twitter and Chris talked to a former co-worker who works at Twitter to escalate the ticket. The hacker’s access to the account was locked, and Twitter began to investigate our claim to the account.  The issue was quickly sorted and we regained access.

There was also recently a thread posted on TheAdminZone with screenshots of the 2.0 GitHub repository. The poster claimed to be selling the 2.0 source code. The code the user had was simply the initial commit of Laravel into the repository; none of the actual 2.0 code was present. As for seeing some of that 2.0 code, watch the blog over the next few days!

At MyBB we have a strong commitment to security. All staff with ACP access use a secret PIN, a form of 2FA. We release patches to any serious issues usually within hours of them being reported. We have Two Factor Authentication enabled on our staff email accounts and GitHub, and are actively working on getting 2FA for our other development tools. Security is a process, as former staff member Nathan Malcolm, now of @sintheticlabs, says. We continue to improve our processes and incorporate more secure policies and features.

An Exciting New Future

Disclaimer: look at the date this was posted

Following Facebook’s acquisition of the Oculus Rift, the popular Virtual Reality headset crowdfunded by Kickstarter, officials from Facebook contacted us with a similar proposal: purchasing MyBB and developing it into a more full, fun, and professional project. Today, we are pleased to announce that for $3.4 million, Facebook has acquired MyBB.

What does this mean for MyBB?

MyBB 1.8 will continue as scheduled, being the last of the 1.x series. It will have many new features integrated, such as chat, Facebook log in integration, etc. MyBB 2.0, however, will get an exciting new rewrite and a set release date of April 1, 2015.

The new codebase

What we’re most excited about is the code. No longer hundreds of thousands of lines long, the MyBB code on your server will shrink down to a simple interface that pings Facebook’s API to gather all the information needed. All forum data will be hosted on Facebook’s servers, offering a secure and fast platform for the database. Your forum’s database will seamlessly upload during the upgrade from 1.8 -> 2.0. The code on your server will remain LGPL as in the 1.x series, combining with Facebook’s server side code for a unique blend of open source and proprietary that will allow for the most modern, fast, and advanced social community software.

Users & Profiles

Another thing we’re excited for is user integration. No longer will your users need to remember long, complex passwords, as they will be able to login and register via their Facebook account. This will be the only login method, and your users’ data will be merged with Facebook during the upgrade process. The upgrade will auto-detect existing Facebook accounts based on email and merge them together. The profile page on your MyBB install will pull information directly from Facebook! No more is the need to upload avatars or change bios or locations, all will be integrated directly.

Messaging

Because we’ll be using Facebook accounts for your standard MyBB account, the opportunity for using Facebook’s messaging system is wide open. All members who have messaged each other on MyBB will automatically be made Facebook friends and will be able to carry out their discussion in the way so many members of the community have been asking for: conversation style.

Forums & Posts

Posts will take on the style of a Facebook post, with replies appearing as comments. This will allow us to utilize Facebook’s comment history and like features. Images will become the only form of attachments, and will display inline just like in a Facebook comment!

Mobile Access

This feature makes us especially happy: any MyBB forum will be accessible via the Facebook iOS or Android app! There will be no more need for a mobile MyBB theme or plugin, as the Facebook app will handle it all.

Additional Features

Mass emails will no longer require a mail server, but will send as a group message via Facebook. Facebook style notifications will also be on your forum, as well as the ability for members to create and moderate their own groups. Best of all, however, your new forum will be browsable by Oculus Rift.

We’re excited as a team for this new opportunity and have more exciting announcements for you in the near future!

… April Fools!

Interview with Shemo

Hello MyBB fans!

It’s time for our next forum showcase, and this time we have Shemo’s forum, ShaveNook.  A forum concentrated on a very unique and small niche, “Traditional Wet Shaving”, it surprises some when they see the post count at nearly 300,000.

Some screenshots of unique parts of ShaveNook are below.  The community, like brad-t’s previously featured Harajuju, also uses the XThreads plugin, specifically RateU’s Product Review mod.

How did you first get involved in forums?

I first got involved in forums when I used to game a lot and ran a gaming clan with a few friends. Seeing the need to stay informed about game practices, matches and other clan related information, the best medium to accomplish this was to establish a forum so that threads and posts could be posted whenever, without having to worry about people missing out on any information because they weren’t around when things were being discussed.

How did you find MyBB?

I found mybb through a friend.

When I originally started my gaming clan and then set up the discussion forum, I installed phpbb. After wanting to extend the features of phpbb and realizing how daunting of a task it had become, I was ranting to a friend of mine who worked in IT.

My friend had mentioned that he had used mybb and that it had a much simpler template and plugin system than phpbb, which made it a snap to add a new look and add functionality to the forum. After checking out mybb, I gave him a few bucks and he converted my forum from phpbb to mybb.

The rest is history after that. Every single forum I’ve ever ran and/or had a hand in establishing and setting up has ran mybb.

Well, we’re glad you found us! Moving onto your current forum, how did ShaveNook come about? It’s obviously a very unique niche. (Note: Shemo relayed the question to his team and the following reply is from “bullgoose” on ShaveNook. Teiste is the second admin, and Andrew is Shemo.)

bullgoose: The start of the Shave Nook dates back to Simply Shaving. I was an administrator on Simply Shaving and many of the mods here were also moderators at Simply Shaving. Late last summer, Teiste approached me about updating the software of simply shaving. Unfortunately, we could not facilitate an upgrade on the site. In February, Teiste and I decided to form the Shave Nook and we formally launched the site in late February of this year. I want to say the official opening was February 25th. We wanted to retain the spirit of Simply Shaving while being more up-to-date in terms of forum software. Teiste brought Andrew on board a couple of days after our launch and he has been our IT guy. I am really proud of the team of moderators and administrators that we assembled…they have done a bang-up job!

What is wet shaving even?  What makes it great compared to other forms of shaving, and how is it gaining popularity?

Wet shaving offers the shaver choices that are simply not available to the modern multiblade cartridge razor and canned foam user. The wet shaving choices of razors, blades, shaving soaps and shaving creams are considerably more than that of the modern counterparts mentioned above. For example, using a Gillette Fusion or a Schick Hydro 5 will both feel the same and give the same type of shave. Except for scent, using a canned foam or gel will be pretty much identical across brands.

With more traditional wet shaving, the products used can make a distinct difference in the resulting shave. For example, a double edge (DE) razor may shave differently depending on the DE blade that is inserted into it. Also, different DE razors can offer different types of shaves. One razor might give a mild shave while another a more aggressive shave.

Then, there are the types of razors and the techniques needed to use each. A straight razor (sometimes known as a cut throat) uses a completely different technique than a single edge (SE) razor and a single edge razor can use a different shaving style than a double edge razor. There are no “pivoting heads” on these to do the work for the shaver. The interesting part about the different razors is that some are antiques in excess of one hundred years in age and some are being produced today so the choices are many and varied.

The shaving soaps and creams come in a much wider assortment than the canned foam or gel one typically sees in places like drugstores or supermarkets. Once again, like the razors and blades, different products offer differing characteristics. There are creams which are generally soft and usually very easy to lather, soaps which are hard and take a certain technique to lather, and so called croaps (cream+soap) which are not as soft as creams nor as hard as soaps. Each has its fans and detractors and it is simply personal preference that determines which will be used. Many like all three types and just use whatever one might be in the mood for on any given day.

The choice of scents of the various creams, soaps, and croaps is vastly superior to the supermarket foams and gels. While artificial scents can be and are used, many contain true essential oils so lavender, rose, or other such scented soaps and creams will smell exactly like that with no artificial scents detected. There are also some very intriguing scents produced by artisan soap makers that at first thought may not seem to make sense but work quite nicely.

To go along with these various soaps, creams, and croaps one needs a brush. Once again, the choices are many, from the material of the handle and the hair used in the brush knot to the style of both the handle and the knot. There is no right or wrong brush but simply user preference.

Admittedly, most of these wet shaving accoutrements will have to be purchased on line unless one lives in a large city such as New York or Chicago where bricks and mortar stores can be found that sell many of these supplies. However, if there is not a physical store nearby, internet stores are plentiful and usually offer reasonable shipping costs.

While all of this may sound a bit complicated, a web site dedicated to wet shaving, such as The Shave Nook has members who are always happy to offer advice to those just starting out on this wonderful journey. Free to join, the wealth of information on these sites makes it easy to get started and to learn about new ideas, techniques, and products.

Did you ever think the forum would reach the size that it did?

No. We knew that wet shavers were a dedicated bunch, but to have 300K+ posts in just over a year with less than 3,000 users registered is pretty remarkable. I believe it goes to show that if you listen to your audience and are welcoming, the community will keep coming back and invite friends.

If you could add one thing to MyBB, what would it be?

One thing I’d add to mybb is a mobile theme. In 2013, almost everyone visits websites from some sort of mobile device, whether it be their cell phone or a tablet. Having something that scales down to mobile viewing size and strips away some of its functionality to make it more mobile friendly would be nice.

What do you like about MyBB that puts it above other forum software?

The biggest thing I like about mybb is the fact that it’s free and open source. Something else I like about the product is that it’s easy to install and activate new plugins and themes.

Any advice that you would like to give to anyone aspiring to create a community with MyBB?

If you put in the work that it takes to run, manage and foster a newly built community, it’ll eventually pay off. At The Shave Nook, we try to keep the environment friendly and relaxed. If there happens to be a problem that arises, we try to nip it in the bud to prevent it from growing into a bigger problem.

The MyBB team thanks Shemo for his and his team’s time for this interview! Stop by ShaveNook and take a peek at a very unique and special community!

Interview with Brad T.

MyBB would like to kick off our first social media showcase with Harajuju, the Japanese Fashion forum!

Harajuju is one of the more interesting MyBB projects, because of the extensive ways it has been customized such as the excellent usage of the XThreads system and the wonderful theme. Some of the features and looks of Harajuju can be seen below:

We wanted to talk to brad-t, the prolific MyBB community manager and UX expert who previously worked on the World Beyblade Organization, about how he uses MyBB and what makes his ethos unique.

How did you first get involved in forums?

I’ve been running my own websites since I was about 12 years old, when I started an online RPG on GeoCities. I got really interested in Beyblade around 13 years old, and I started looking for forums to join and discuss it.

None of them were any good. So I decided to start my own – Off the Chain, which ran phpBB2. I ran that site from 2003 until 2005, when I closed it due to a lack of interest.

A few years went by, and I was wondering how my old Beyblade friends were doing … there weren’t any communities for Beyblade around anymore, so I decided to start again. I created Beywiki – the Beyblade encyclopedia – in 2007 in order to bring everyone back together. I chose MyBB for this project, though I sadly can’t remember how I discovered it. Shortly after that, it was announced Beyblade would resume production again, and we transitioned to become the World Beyblade Organization. After a few years I was offered a job at a toy company and resigned due to a conflict of interest, but those guys are still going strong.

I decided I wanted to start a community about Japanese fashion in 2010, and chose MyBB because I was familiar with it and knew that I could customize it a lot. And well, here we are now.

Given the excellent design of Harajuju, your Japanese fashion forum, do you have any background in web design?

I don’t. I’m entirely self taught. It’s just something I’ve developed from running many websites, I guess. I’m a hobbyist at best; I think I can give valuable design feedback, but I’m under no impression that I’m a professional. I have a big interest in UI and UX and have done a small amount of real work in those areas.

What sites do you visit daily? Do you subscribe to any web development/design type blogs?

I find reading about app design interesting, and I think there’s a lot of lessons that can be taken and adapted for web design. Some tech blogs I read include: Daring Fireball, Marco.org, LittleBigDetails, iOS.tumblr.com.

What do you like about MyBB that puts it above other forum software?

Its extensibility. It’s very easy to bend MyBB to your will, so to speak. There are some MyBB plugins that are completely indispensable to me, such as xThreads and Template Conditionals. I’m not sure that I would’ve been able to accomplish things like Haralooks and the Brand Directory with another forum software … at the least, it would’ve been much more work.

If you could add one thing to MyBB, what would it be?

There are a lot of things, frankly. If I had to pick one thing, it would be a revamped conversations feature similar to Facebook’s. Threaded messaging is not optional anymore. I’m hopeful that we’ll see a plugin to add this functionality in the near future, but I had sincerely hoped to see it in 1.8. C’est la vie.

What do you think the next big trend in forums will be?

It’s hard to say. Forums themselves are definitely on the decline in terms of both relevance and popularity as conversations shift to giant platforms like Facebook. If they want to regain any foothold outside of techy niches, they need to become simpler. They need to shed extraneous features and checkboxes and menus. And just hiding that complexity is not enough – things really need to be simpler.

I know XenForo is a big deal right now, and they’ve done a lot well, but I still think they are adhering to forum standards too rigidly. Discourse is a really interesting development, but its interface is pretty indecipherable in a lot of ways. It feels like a product made for the technologically inclined.

We should be designing forums in a world where nobody knows what the hell a “forum” is.

Any advice for people aspiring to make forums as thriving as yours?

Haha, well, Harajuju is a fairly quiet project by design right now. I’ve been quietly tuning things under the hood; I hope to generate a lot more activity over the next year.

I’ve posted this maybe a million times, but it’s important to fill a need other than your own. A lot of people create forums because they want to run a forum. That’s just not enough – your desire has to be not one of control, but one of invitation. I created Harajuju because I wanted to create a community space for people who love Japanese fashion and who were sick of the shallow and petty conversations in other spaces. I created Off the Chain because there were no good Beyblade communities. I founded the World Beyblade Organization because sanctioned Beyblade play outside of Asia was essentially non-existent.

Of course, I get a thrill from running these communities; it’s great to create something and to own it. But it’s not just my needs I’m serving. My needs take a backseat to the needs of my community’s members.

Anything else you’d like to say?

MyBB’s power is in its flexibility. Don’t stop with a few CSS changes and a list of forums. Think about what you can do with the powerful templating options and the huge library of existing plugins out there. Work with developers to create new ones – or if you can develop, create your own.

MyBB is at a tumultuous place in its lifespan. Interest in forums among the general populace of internet users is on the downswing and competition in the space is heating up. MyBB 1.8 is going to be the last version of the 1.x series and the last version that’s compatible with the existing plugins out there today. So we all need to work hard to maximize its potential.

Using Pirated Mods

Recently we have been made aware of several MyBB plugins circulating around the internet, in particular pirated mods, which are specifically designed to cause malicious harm to their users. One specific example which has come to our attention attempts to delete all the records from your database, and delete your MyBB files. This would obviously have a devastating impact on anyone who happened to install this plugin.

We’d like to remind users of the immense power plugins have which, when used incorrectly, could pose security implications for your forum.  Theme files also can contain backdoor PHP scripts which can grant access to your server.  Therefore, great care should be taken both in terms of which plugins are installed and where the modifications were obtained from. Specifically, nulled or pirated mods pose the biggest threat of all given that the origin of the file is unknown and any sharer could have inserted malicious code.

Even when downloading mods directly from the author we recommend thoroughly researching both the plugin/theme and the author to establish that they are reputable and have a good standing with their customers and users.
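
As an added example (not MyBB's own tooling), the Python script below triages an unpacked plugin or theme package before installation, flagging the behaviours described above: destructive SQL, file deletion, obfuscated execution, and PHP hidden in non-PHP files. The rule list, file names and sample package are constructed assumptions; a hit means the code needs reading before install, and a clean result does not prove a mod is safe.

```python
import re
import sys
from pathlib import Path

# Heuristic rules chosen for this example (an assumption, not a MyBB-published list).
# Each entry: (rule name, severity, pattern, scope) where scope is "php" for PHP
# source files and "other" for every other file in the package.
RULES = [
    ("obfuscated-exec", "high", re.compile(
        r"\b(?:eval|assert)\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(",
        re.I), "php"),
    ("destructive-sql", "high", re.compile(
        r"\b(?:DROP\s+TABLE|TRUNCATE\s+TABLE|DELETE\s+FROM)\b", re.I), "php"),
    ("command-exec", "medium", re.compile(
        r"\b(?:system|exec|shell_exec|passthru|proc_open|popen)\s*\(", re.I), "php"),
    ("file-delete", "medium", re.compile(r"\b(?:unlink|rmdir)\s*\(", re.I), "php"),
    # PHP open tags inside theme XML, CSS or "image" files have no legitimate reason to exist.
    ("php-in-data-file", "high", re.compile(r"<\?(?:php|=)", re.I), "other"),
]
RANK = {"none": 0, "medium": 1, "high": 2}

def scan_package(files):
    """files maps relative path -> text; returns sorted (path, line, rule, severity) hits."""
    findings = []
    for path, text in files.items():
        kind = "php" if path.lower().endswith((".php", ".inc")) else "other"
        for line_no, line in enumerate(text.splitlines(), 1):
            for rule, severity, pattern, scope in RULES:
                if scope == kind and pattern.search(line):
                    findings.append((path, line_no, rule, severity))
    return sorted(findings)

def verdict(findings):
    """Highest severity seen; anything above 'none' means review before installing."""
    return max((f[3] for f in findings), key=RANK.get, default="none")

def load_dir(root):
    """Read every file under an unpacked package directory as text."""
    root = Path(root)
    return {str(p.relative_to(root)): p.read_text(errors="replace")
            for p in root.rglob("*") if p.is_file()}

# Constructed sample package (not a real plugin): one hostile plugin,
# one benign plugin, and a theme XML carrying an embedded PHP tag.
SAMPLE = {
    "inc/plugins/freegift.php": (
        "<?php\n"
        "function freegift_activate() {\n"
        "    global $db;\n"
        "    $db->write_query('TRUNCATE TABLE '.TABLE_PREFIX.'posts');\n"
        "    @unlink(MYBB_ROOT.'inc/config.php');\n"
        "    eval(base64_decode($blob));\n"
        "}\n"),
    "inc/plugins/hello.php": (
        "<?php\nfunction hello_info() { return array('name' => 'Hello'); }\n"),
    "themes/dark.xml": (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        "<theme><template><![CDATA[<?php /* constructed marker */ ?>]]></template></theme>\n"),
}

if __name__ == "__main__":
    hits = scan_package(load_dir(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE)
    for path, line_no, rule, severity in hits:
        print(f"{severity:6} {rule:18} {path}:{line_no}")
    print("verdict:", verdict(hits))
```

Legitimate plugins also delete rows and files, so each hit should be read in context rather than treated as proof of malice.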

If you have any further questions, concerns or examples please don’t hesitate to contact us via the Private Inquiries forum.

Regards, The MyBB Team.