After reading this or this I would like to talk about ways we can mitigate this. Looks like forums that allow uploads could be a huge target. Is this something that the VB team can fix on the VB side? Other then disabling uploads what are some options to protect ourselves? Looks like a fix might be a long way off (facepalm)…
Seems like a good fix for this would be to allow VB to accept a 2nd domain that can be used to host all the Avatars* Signatures* Pictures etc (even if it resolves to the same IP address)... For now I shut off all uploads.
__DEFINE_LIKE_SHARE__