We don’t come across many events that are tailored exclusively to the forum industry, however we are pleased to announce our involvement with ForumCon.  ForumCon is an annual event was launched just a few years ago with the goal of bringing together the industry’s leading forum owners and experts to discuss growth, management, and monetization strategies for forums.

This years I’m pleased to announce that MyBB will be among a select group of media partners who will have a presence at the show.  We are hoping to have at least two team members attending, and we may have a couple of tickets to give away to lucky members of the community.

Key Details
ForumCon SF will take place on June 12th at the Hotel Kabuki in the heart of downtown San Francisco. The event will kick off at 9am and conclude with a cocktail hour for networking / conversation at a restaurant / lounge nearby.

More information on location as well as how to get tickets can be found here.

Key Sessions

• Kris Jones, author of SEO: Your visual blueprint for effective internet marketing will show you how to better leverage Google Search, Mobile, News, +, to generate more traffic to your forum.
• Tyler Tanaka of PostRelease will share best practices for content curation & creation that will wow your community members and keep them coming back.
• Steve Dodd of Boardreader will lead a panel of social media experts, and forum owners that have successfully leveraged social media, to discuss ways forum owners can successfully leverage Facebook, Twitter, and other social media sites to drive traffic to their sites (rather than away from).
• A panel of monetization experts (representing all types of forum monetization options — images, banner ads, content, link insertion, data, video) will answer all your questions on how to EARN MORE from your forum.
• And much more, to be shared within this thread as the information become available.

Jack Bafia, ForumCon co-founder and Chief Monetization Officer of VigLink, shares why he started ForumCon in the short video below.

Thank you,
MyBB Team

A warning to anyone using any of the various Google Translation Plugins. They will no longer work. Google has disabled the Translation API v1 due to abuse. Someone may write new ones using the new v2 API, however that is a paid service.

You can read more about it here:
http://code.google.com/apis/language/translate/overview.html

I’ve gone ahead and disabled all of the mods on our mods site that are using the v1 API (That I know of anyways), so anything on the mods site should be using v2. If you find one I missed, please respond in this thread with which ones, and a Staff member will take care of it.

Thank you,
MyBB Team

A few days ago we released version 1.6.6, unfortunately we have since realized that the version released was a newer SVN revision than intended, and as a result contains some development code that may compromise the stability of your board.

Please note that this is not a security issue, and we are not aware of any security implications arising from the release.

The issue was rectified shortly after the release and only the main release was affected, not the changed files package.

We advise anyone who used the full release package within the first 24 hours of its release to run the file verification tool in their admin control panel (Tools & Maintenance > File Verification). If any files show differences which are not manual file modifications they should be replaced with files from the current version of the release package.

Thank you,
MyBB Team

Early last year, we announced the development of an official mascot which would be used in a variety ways to promote MyBB and its official merchandise. After countless hours of hard work, we’re proud to unveil our lustrous new mascot.

During the planning stages, the MyBB team heavily debated on what would best represent MyBB. After numerous ideas, we finally decided on an astronaut, because we feel it best demonstrates the following attributes of our forum software: strength, power, friendliness and dominance.

However, the astronaut is currently unnamed; but you can help change that. We will be announcing a naming competition soon, so stay tuned for the details.

Is it a bird? Is it a pig? No! It’s the MyBB logo! It’s great that our users always find new ways of describing our speech bubbles logo but it’s getting quite old and the team decided, along with our new mascot, we needed a new logo too.

We’ll be using the new mascot and logo across MyBB when we launch 2.0, but we just couldn’t wait to introduce them to you!

Lastly, none of this would have been possible without the talented work of Mike Creuzer (if you’re interested in his services you can find him over at Audentio Design). We’ve been extremely honored to work along side him the past few months to bring you these new and exciting assets to MyBB.

A little over two weeks ago we announced the discovery of a rather significant vulnerability which may have effected some users. At the time there was a lot of uncertainty regarding the circumstances, but I feel it’s time to follow up on our original announcement with what has since come to hand. I hope this will answer any outstanding questions, ease some of the concern, and most importantly I hope everyone checks their installations to make sure they are not vulnerable.

First and foremost, I can confirm that the code was malicious and the release was modified on the server by a 3rd party. Therefore, it is crucial that you follow the instructions in the previous blog post to ensure your installation is not vulnerable. The release package was obviously cleaned as soon as the alarm was raised, so if you downloaded MyBB after the first blog post then you don’t need to worry. We aren’t sure exactly when the release packages were tampered with, however if you downloaded your package shortly after the release then you may not have been effected either.

There was unfortunately a vulnerability in the CMS which powers the MyBB home page and downloads system. Using this vulnerability a hacker was able to add a backdoor to one of the files, allowing them to execute arbitrary PHP and manipulate the release packages. The CMS was custom written a number of years ago, however we believe a 3rd party framework used by the CMS contributed to the vulnerability. The CMS shares no code with MyBB so there should be no concern that these events indicate a vulnerability in MyBB. The server is also configured to isolate the subdomains belonging to the MyBB website, so it is unlikely that any data from the community forums or other sections of the site was compromised.

In light of these events, we are looking at making several changes. At the very least we intend to publish checksums with downloads to help identify any future releases which may have been contaminated, we are also looking into automating the verification process using a remote server. Using a CDN to distribute our packages is another option being considered.

MyBB 1.6.5 should be released in the next few weeks but until then please be sure to follow the instructions in the first blog post to secure your board.