Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

2

Where to report the current Odoo forum problems? Is Odoo really 'safe'?

By
Yenthe
on 11/30/14, 4:44 AM 1,005 views

Hi everybody

Most of you might have noticed by now some people managed to create a lot of new topics about downloading movies etc.
The interesting part is that they managed to remove a lot of code and insert only the image in to the page.
Questions overview: http://i.imgur.com/3uxdhG2.png
Detail of a topic: http://i.imgur.com/QJG5OjB.png

So the big question now is how can we remove these topics? There is no longer a report / close button for me as they removed that too..
Who should we contact that is responsible for the Odoo forums?
The last thing that I am wondering is.. how secure is Odoo really? This is yet another example of Odoo not being spam proof and being able to modify code in Odoo. This makes me doubt about the Odoo security.

With kind regards
Yenthe

Note: I've send an e-mail to support@odoo.com to report this problem.

Yenthe
on 11/30/14, 5:04 AM

The best that us ordinary people can do is downvote the spam when we can... that helps a lot if we all do it.

Stephen Mack
on 11/30/14, 7:15 AM

Downvoting, even deleting or blocking those users accounts will not solve the problem, cause they will create another free account and do ...what ...

Med Said BARA
on 11/30/14, 11:42 AM

solve the problem no, help yes.

Stephen Mack
on 11/30/14, 11:44 AM

You are right Med it will not do a lot. But it will atleast slow them down to make a new account and closing all those topics also removes them from the list! Which keeps our forums quite clean, for now.

Yenthe
on 11/30/14, 11:47 AM

You are right (Stephen and Yenthe), all we have to do is to continue using our forum as usual.

Med Said BARA
on 11/30/14, 11:50 AM

odoo responded. I updated my answer

Stephen Mack
on 12/2/14, 6:53 AM
3

Stephen Mack

--Stephen Mack--
5023
| 8 8 9
Santiago, Chile
--Stephen Mack--

Some people call me a karma whore, I only ask for 10 points if you like my answer and 15 if I happen to get it correct.

Stephen Mack
On 11/30/14, 7:14 AM

UPDATE: (response from lead developer, Olivier)

Here's a summary of what we've (odoo development team) done in the last few days:

  • Deleted 52 users with negative karma, with all their posts and comments (these users have been created by real users manually, from various IPs coming from India, Vietnam, etc., most likely hacked machines).
  • Raised the karma for posting comments on other questions to 50 - new users can only post on their own (threads).
  • Fixed the error 500 when editing posts.
  • Fixed the UI problem when trying to add images (may need browser refresh with shift+f5).
  • Fixed various issues with tags when posting/editing.

The only action that is currently possible for first time users (after verifying their email) is to post new questions.

MY ORIGIONAL ANSWER:

They are using CSS to overlay their code on top of the odoo website.  As for odoo safety?  Microsoft, Unix and Apple have all had major security holes that give people root access to your system.  So far we have graffiti artists gaining access.

I contacted a lead developer and also 24 hour support.  Now it is up to them to prioritize the problem as they see fit.

Personally I prefer to see odoo getting hacked and not free user websites.  This way we can be assured that the problem will get corrected and odoo will be safer for everyone.  The forum software is only beta code 100% of odoo's design and does not have the years of experience in what people can do to break it.  And they sure are breaking it!

I found a great plugin for firefox and chrome that allows disabling css: The Web Developer.

Stephen Mack
on 11/30/14, 7:37 AM

Hmm I didn't even think about the CSS overlay. How stupid of me. Thanks for the tool. I'll check this out and any time I see spam showing up I'll close it.

Yenthe
on 11/30/14, 8:19 AM

No! Not stupid of you, just cleaver of them. I cleaned up about 95% of the forum, still some valid threads that I could not delete the spammers comments. I sent them to odoo support. It took me about two hours and was very very painful. Hope the decide to implement some of my suggestions: https://github.com/odoo/odoo/issues/3460

Stephen Mack
on 11/30/14, 8:22 AM

http://chrispederick.com/work/web-developer

Stephen Mack
on 11/30/14, 8:50 AM

Thanks Stephen! What a handy tool... too bad I don't have 1.000 karma then I could delete all these topics and posts too. Good job on cleaning up the forum! +1 for you.

Yenthe
on 11/30/14, 11:27 AM
0

Ermin Trevisan

--Ermin Trevisan--
3534
| 6 3 7
Walchwil, Switzerland
--Ermin Trevisan--


Ermin Trevisan
On 12/1/14, 8:13 AM

These spammers/hackers are even smart enough to ask the forum how to earn karma: https://www.odoo.com/forum/help-1/question/how-to-earn-karma-69140

Hmm yes I saw this topic.. I could close it but I don't think it matters as he already has gotten the karma sadly..

Yenthe
on 12/1/14, 8:25 AM

fourgaver6513 is playing ...

Med Said BARA
on 12/1/14, 9:15 AM

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

5 follower(s)

Stats

Asked: 11/30/14, 4:44 AM
Seen: 1005 times
Last updated: 3/16/15, 8:10 AM