View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Securing phpBB3
Log in to Ask a Question

Securing phpBB3

development

I've been asked by one of the hosted sites on my linode to deploy phpBB3 for them. I want to set it up for them, but I'm wary of phpBB, as it's someone notoriously insecure. Obviously, I'll be requiring that it be kept up to date, and I'll be creating a separate limited access MySQL for it, but are there any other suggestions to keep things secure?

I'm running lighttpd on Ubuntu 10.04. I considered a chroot jail, but I don't really want to run separate lighttpd or php processes just for the forum.

1 Reply

@Guspaz:

I've been asked by one of the hosted sites on my linode to deploy phpBB3 for them. I want to set it up for them, but I'm wary of phpBB, as it's someone notoriously insecure. Obviously, I'll be requiring that it be kept up to date, and I'll be creating a separate limited access MySQL for it, but are there any other suggestions to keep things secure?

I'm running lighttpd on Ubuntu 10.04. I considered a chroot jail, but I don't really want to run separate lighttpd or php processes just for the forum. Make sure that you update phpBB3 regularly, and also.. there should be a option to remove the versionining off the board. Usually hackers use google to look for a specific version, ie; "phpbb 2.1.24"

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct