I have sites with forums, one has been hacked for the 4th time. What is the safest forum software. I have been using phpBB. I like the styles, but it's too vulnerable.
I just had exactly the same thing happen today to a phpBB site: http://www.totwise.com/forum/index.php It didn't really get "hacked", it's just an HTML injection into a form field. To solve it you just need to delete the offending message (in my case it was a forum name). But yes, I agree, it would be nice to switch to forum software that would encode this crap out of there. If someone knows an easy solution I'd like to hear it too. Update to the latest version, and make sure you delete the /install and /contrib directories!
Personally I always go for vbulletin for mine, wether theyre the safest or not im not sure but you can deffinately do great stuff with them.
Well, when your running 2.0.03 then of course your gonna get hacked... only a matter of time. VB has security issues too, gotta stay up to date with the versions whichever you decide.
The sites with forums are non-profit and I can't afford the price of vbulletin. Is there a free alternative?
Agreed... nothing is 100% secure... but I can say from personal experience that the first time I ever hear about vBulletin security issues is because there is an update/patch available for it. I hear about phpBB security exploits because forums get hacked... then maybe a month or so they update/patch it. Not only that but vBulletin employs a 3rd party company that does nothing but audits their code and looks for security issues before they release a new version. Certainly the same can't be said about phpBB. phpBB is probably the best you are going to find for free.
Beyond software, a secure server is key. We've had over 2 dozen hack attempts in under a week and we're still under construction. And each time its failed because we've got an extremely secure server which over the next few weeks we intend to make even more secure. In a month or two we may even be able to have a second server (our current one) used just for backups and sensitive info, and get a new dual core to run the site.
Yea most definately VB is more secure, but staying up to date with phpBB your chances of being hacked are slim. I feel secure with my phpBB installs. Money aside, if both were free, I'd use phpBB (and do). I've had both, and while I can say out of the box VB is much much better, there are so many more styles and mods available for phpBB.