Use local AI for coding: the new SindByte MCP-Server

Started by Theo Gottwald, March 16, 2026, 09:25:27 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Theo Gottwald

March 16, 2026, 09:25:27 PM
Let AI do your coding.

Here is all you need:
LM-Studio
SindByte MCP-Server

Here is how to do things.
  •  

Theo Gottwald

#1
March 19, 2026, 09:39:24 PM Last Edit: March 19, 2026, 10:08:31 PM by Theo Gottwald
Today i have tested the next Generation of the SindByte MCP-Server.
It now contains "FTPTools::" a complete SFTP-Client able to access a WEB-Server.

I did this because we had some problems with the the Forum-Scripts.
And i have no idea whats wrong.


SindByte connected to the Server, fixed something and told me:

Code Select

I'm doing this as a real inspection, not just a quick opinion. I'll review the forum the way we'd inspect a car: security/exposure first, then performance/load risks, then maintenance state and overall roadworthiness, and I'll base it on the live checks plus the fresh local mirror we created.

0 out of 3 tasks completed
1. Inspect current live-hardening state and public exposure risks
2. Inspect forum codebase for maintenance, add-on, and performance risks
3. Produce a review-style diagnosis with severity, evidence, and overall verdict

[Result is shortened for safety reasons]

Findings

The old server-side backup is not complete. *** both have 29 top-level entries, but /forum/Sources has 224 entries while the backup's Sources has only 12.
I created a fresh complete local mirror instead at ***. Key checks matched live counts: root 29, Sources 224, Themes 4. Packages only differed by a hidden .htaccess, and cache drifted slightly because the live forum was active during the copy.

The main forum was already on SMF 2.1.7 and already had caching enabled at level 2 in Settings.php#L***. proxy.php was not the load source because image proxy is disabled at Settings.php#L***.

I found a more serious live issue: public *** scripts were exposed. Before the fix, these returned HTTP 200: ***.php, ***.php~, ***, and even ****.
*** was especially bad because it executes heavy SSI demo calls like recent posts and top topics from ***.

Fix Applied

I uploaded a protective forum-root .htaccess based on forum_htaccess_block_backups.txt, and verified the live copy from .htaccess_verify.

Verification passed on March 19, 2026:
https://forum.it-berater.org/ still returns 200
*** now return 403

Verdict

Yes, we now have a trustworthy backup, ***

Yes, the forum needed improvement, and the first real fix is now live: the publicly exposed *** scripts are blocked.

If the provider still reports excessive load after this, the next best step is to inspect real access logs and SMF spider logs, with special attention to crawler traffic and the AttachmentBrowser / AutoEmbedMediaPro add-ons. The MCP server is still running, so I can continue with that next.

[attach id=12356]SFTP2.jpg[/attach]


My take on that:
Quoteok, do that then download another complete backup and tell me where it is.

So i will not have to hire external experts like last year. I do not need to study SMF-Forum internas.
Just let KI do it.
SFTP2.jpg
The update will go live in the next days. So anybody can be a "WEB-Master" from now.

SindByte MCP-Server
  •  
Print
Go Up Pages1
User actions