Overview of the Situation:
On 9/8/2020,
Assessment from 10 Lb:
TDIC is on a version of DNN that is right in the middle of many security vulnerabilities; 10 Lb said “right in the middle of the worst.” The top priority is upgrading the site to the most recent version of DNN.
The PackFlash module is a known security risk. 10 Lb recently helped another organization in a similar situation to migrate content from PackFlash into a stable and secure module that works on current versions of DNN, and that is the other main priority. For reference: http://www.packflash.com/. Packflash is currently used for TDIC’s menu, several list modules, and publications like Liability Lifeline and RM Matters.
Solution/Approach:
Set up clean instance of TDIC from an older backup, with no content
Remove any problematic modules; upgrade those that can be upgraded
Export PackFlash content into Easy DNN News or other secure module
Upgrade DNN
When site is upgraded/stable,
Next Steps:
Today (9/9):
Mark is contacting Geoff to get the oldest backup possible of the site and will create a new instance on his local machine
Chris will identify all modules used on the TDIC site and work with Mark to recommend which ones should be phased out or upgraded. In particular, Chris will be identifying the use of the PackFlash modules (TDIC uses multiple types of PackFlash modules).
This weekend:
Mark will prioritize
0 Comments