Mods for SMF 2.0.5

[Apeirogon]

I've got a forum running 2.0.5 version of SMF, and I want to put a Thanks, Likes, and Advanced Rep Sys on there, but none are compatible with my version. When I upload the .zip of the mod, I get an error saying that the file is either corrupt or not compatible. Any help would be greatly appreciated, thanks in advance.

EDIT: Are there any mods that do work that y'all recommend?

[Arantor]

I recommend a healthy dose of How can I install a mod that doesn't work in my SMF version?

[TheListener]

Have a read of the Mod Emulate link in my signature.

However I see that Arantor has also given you the link.

[Apeirogon]

Thanks a bunch.

Note: Good Lord, 50,000+ posts?! You sir should get an internet forum cookie or something. That's crazy.

[Apeirogon]

Unmarked as solved, I've got a bit of a problem...

I swear that I was running 2.0.5, but now in the Admin panel I'm being told my version 1.1.18 I remember seeing an update of some sort for SMF, I downloaded it but didn't install it because it was downgrading me to an older version. Nothing has really changed except for not being able to install a load of mods. Practically 75% of them decided they couldn't be installed. A bit worried... :/

[Arantor]

What does the footer of the page say?

There is a bug whereby sometimes the 'latest version' reports the latest 1.1.x version rather than the 2.0 version. I've reported this before and no-one seems to know what causes it. If in doubt, go to Admin > Maintenance > Scheduled Tasks and run the Fetch Simple Machines files task again.

No mod package that you install should be downgrading you.

[Apeirogon]

At the footer I've changed it to not disclose the version of SMF.

Ran that file, it didn't seem to do much.

You know how the notifications of new versions of SMF appear? The update appeared there. I downloaded it, but saw it was for 1.1.x and didn't install it because I thought that was a bit off that it even showed up.


Ah ha! I think I might be looking at the wrong place. In the Detailed Version check, the column Your Version lists 2.0 and up. In the current version, it shows 1.1.18. So I guess my forum is running correctly.

[Arantor]

At the footer I've changed it to not disclose the version of SMF.

If only that were the only place it's actually shown... because it isn't. Also, I don't know why you're bothering, it's not a security improvement.

You know how the notifications of new versions of SMF appear?

Yup. You can't upgrade from 2.0 RC3 to the current version (2.0.5) through the package manager. Never been possible.

[Apeirogon]

If there's a known security bug in that version and you just shout out that you're using that version, inevitably, someone is going to attempt an exploit. It's not extremely important, but it's something. Why not?

Thanks for the help, nonetheless. I think I've fixed what I needed to. Enjoy your Friday!

[Arantor]

Because that's not how they work. I've been studying the logs for years on this stuff and that's just not what happens.

It's quicker and easier for them to ignore the displayed version and just hit a site with any vulnerability and see what sticks. For example I *routinely* see hack attacks against phpMyAdmin on my server... I don't even HAVE it installed.

[Apeirogon]

More information about a target is more power. It's plain and simple. If I see you have XP with no service packs installed, I can pretty much just Google an attack against your version of XP. Why not take 2 seconds to edit a PHP file rather than one day someone discovere a vulnerability and use it against you? There no harm in doing this. I'm a bit confused at your argument to put it all out there.

And either way, I'm posting information here, any smart person would figure it out in seconds, but that's okay, and it obviously is with you too.

[Arantor]

Except that's just not what happens. I'm not pulling this out of my posterior, I'm basing this on years of logs.

I routinely see attacks against old versions of SMF, phpBB, MyBB, IPB, WordPress, Drupal, Joomla, heck I even routinely see attacks against IIS and I'm not even running Windows. It doesn't matter whether I'm running the software or not, I still see the attacks against it.

The hackers have automatic one-click attack packs, that just try everything - because it's actually quicker to do that than to try and identify whether a particular version has been patched.

Seriously, putting the version does NOT make you any weaker. Hiding the version does NOT make you any safer. Lying about the version listed doesn't help you either, I have multiple sites with fake versions listed just in case that makes a difference (it doesn't)