Qbasicnews.com

Qbasicnews.com > General > General/Misc > secure forum?
Full Version: secure forum?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

yetifoot

12-08-2005, 01:33 PM
ive been looking about at forums today, and have found that the current phpBB and snitz have some security 'issues'

can anyone reccomend a more secure forum, or are they the best i'm gonna find?

Sterling Christensen

12-08-2005, 04:23 PM
I know the former lead developer of SMF, so I may be biased.

SMF home page: http://www.simplemachines.org/
The SMF community forum: http://www.simplemachines.org/community/index.php
To see large installations in action: http://rankings.big-boards.com/?filter=SMF,all

Security info:
SMF: http://secunia.com/product/5285/
PhpBB: http://secunia.com/product/463/
vBulletin: http://secunia.com/product/3212/
Invision: http://secunia.com/product/3705/

Nek or aetherFox can tell you what it's like to administrate SMF (they're the admins at basicnetwork.net)

I can tell you [Unknown] prides himself on security and optimization. He was always writing converters (to convert existing forums to SMF), and in the process he'd be looking at the other forum's code and pointing out security holes Big Grin. Sometimes people would ask how many servers the SMF community forum was running on, and he loved how surprised they'd be when he said just one - an old Celeron with (I think it was) 256 or 512 MB of ram (they've since upgraded).

It's free (as in zero dollars - you get the source code and it's readable and well commented, but it's not GPL and you can't redistribute), can do far more than phpBB, and has a much better security record. Plus it's well optimized - it runs with lower load averages than other forums with as many features/as much traffic and has lower hardware requirements.

As far as I know, all the other forums in the same class (for features) are slower and cost money. Like Invision and vBulletin.

For best results (with any forum), use with eAccelerator: http://eaccelerator.net/HomeUk
Basically, everytime apache runs a php script, it's recompiling it every time. eAccelerator caches the compiled byte code. It's under the GPL.

NecrosIhsan

12-08-2005, 07:22 PM
SMF is easily the most secure forum ever written because of how it was designed from the very beginning. I don't know the project leader like SC does but I do know of the philosophy that went into creating the product. Administering it is pretty easy and again, very very secure. Patches are released as soon as even minor problems are found, and needless to say...not many have had to be released so far. The forum's only up to version 1.0.5, the official non-beta release was 1.0.0...only 5 updates in its entire lifetime, and none were all that major of fixes. The only forum software that can compete with SMF is IPB, which, as SC mentioned, tends to be slower and bulkier, but it is very secure and feature-laden as well. vBulletin is way too bulky and slow, plus lacks many good features, not to mention isnt nearly as secure (makes me think whoever started it up did it just to sell a product). phpBB...well, we all know the security history with that. The rest of the forum software out there is either way too primitive (like Robboard) or way too insecure (like ikonboard) to even warrant mention in this post. Big Grin
Qbasicnews.com > General > General/Misc > secure forum?