JDanniel Posted October 14, 2006 Share Posted October 14, 2006 Hello. Somewhere on this board, I saw a message saying the PHP BB system is not secure, and that something else (I don't recall the name) should be used instead. Should I be concerned about PHP BB, and if so, how concerned should I be? I'm very comfortable with PHP BB right now, and quite frankly, would not be all that eager to learn a new BB system. Just out of curiosity, though...what other BB systems are available that are compatible with my TCH account? Are there any that would require a minimum of effort migrating from PHP BB? Or should I just stay with PHP BB, at least for the time being? Thank you. Jd Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 15, 2006 Share Posted October 15, 2006 I've been using phpBB for years and its fine so long as you keep it upto date. I only stopped using it recently because it's old and behind the times but hopefully phpBB Olympus will change this upon it's release. I currently use SMF on my Lazarus forums and have just installed it for a friend of mine. I use UNB for my main sites forum. If security is your only concern then make sure your phpB is upto date and you'll be fine. If you do want to look at other forums look at http://opensourcecms.com as it lets you play with several scripts and even login to the admin. Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted October 15, 2006 Share Posted October 15, 2006 Phpbb is no longer in the scripts installer fantastico because of frequent security holes. In fantastico you will see SMF on their site there are converters for other forums. Also you will see many themes there. You can try it and judge for yourself. If you stay with Phpbb, you are responsible for keeping it updated and secure. Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 15, 2006 Share Posted October 15, 2006 If you stay with Phpbb, you are responsible for keeping it updated and secure. That applies to any script you have running not just forums and not just phpBB. My site has been defaced twice. The first time was because of an exploit in IPB and the second time because of an exploit in Ashnews (which I still use but have manually patched since it's a dead project) Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted October 16, 2006 Share Posted October 16, 2006 I much prefer phpBB over SMF but you need to install a few mods to stop the usual bots from posting on your forum I would have a look at the next version of phpBB at present, in Beta which I believe is better then SMF JimE Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 16, 2006 Share Posted October 16, 2006 I've tried Olympus and it's 60 odd database tables puts me off. Quote Link to comment Share on other sites More sharing options...
TCH-JimE Posted October 16, 2006 Share Posted October 16, 2006 I would expect that many in beta at present, it should come down as they combine. Having 60 is no real problem IMHO, I would rather have 60 tables correctley done then have 30 all hiddly and piggdly together. JimE Quote Link to comment Share on other sites More sharing options...
MikeJ Posted October 16, 2006 Share Posted October 16, 2006 Should I be concerned about PHP BB, and if so, how concerned should I be? I'm very comfortable with PHP BB right now, and quite frankly, would not be all that eager to learn a new BB system. phpBB isn't so bad, a little more limited in functionaly in my opinion, but still a decent forum. The biggest reason security becomes such a problem with phpBB is that it's widely used, so, just like Windows, the most targetted. The phpBB crew could do better at keeping the software secure, but when compared to other forums, it's popularity and open code are as much to blame for the problems as the level of security. But because of that, as stated, if you do use phpBB, keeping it up to date is a necessity, but then, that should be the case with any software use use on an internet connected machine. Quote Link to comment Share on other sites More sharing options...
Head Guru Posted October 16, 2006 Share Posted October 16, 2006 I have to agree with Mike on this one. phpBB is a decent board and is very widespread. I would estimate that nearly 30% of all sites hacked here at TCH are caused by phpBB. My personal choice is IPB. Quote Link to comment Share on other sites More sharing options...
JTD Posted October 17, 2006 Share Posted October 17, 2006 I would consider IPB. But for a few things. 1 it will not integrate into phpnuke. 2 I hate paying that kind of money just for a forum board. Quote Link to comment Share on other sites More sharing options...
NFreak Posted October 23, 2006 Share Posted October 23, 2006 I use PHPBB, and I've recently been getting random spam advertisements on my forum now. It seems that there are bots that crawl the site and create an account, create a topic, and link to their website. Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 23, 2006 Share Posted October 23, 2006 There is a mod that removes the signature and homepage inputs from the registration form and bans anyone who sings up and includes a signature and/or homepage in the sign up packet. This will only block automated sign ups as real people wouldn't be able to send either of these fields. I have had several of these and it makes me think they have found a way past PHPBB's captcha. Quote Link to comment Share on other sites More sharing options...
JTD Posted October 23, 2006 Share Posted October 23, 2006 There is a mod that removes the signature and homepage inputs from the registration form and bans anyone who sings up and includes a signature and/or homepage in the sign up packet. This will only block automated sign ups as real people wouldn't be able to send either of these fields. I have had several of these and it makes me think they have found a way past PHPBB's captcha. That is why I like having phpbb intrigated into nuke along with nuke sentinal. If bots or any type of script try things like that. They get instantly banned. And added to a database list. Quote Link to comment Share on other sites More sharing options...
carbonize Posted October 23, 2006 Share Posted October 23, 2006 I prefer SMF because it's powerful and it in stalls mods for you rather than having to manually edit files. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.