homepage Welcome to WebmasterWorld Guest from 54.226.213.228
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
Anyone Using PhpNuke Software
PHP-Nuke Forum Software
klickman




msg:1557131
 8:23 pm on May 25, 2004 (gmt 0)

We are looking at using new software to run our forum. I have a simple but specific question regarding software that current Forum Masters are using.

Is anyone using PHP-Nuke to run their forums and if so, what type of recommendation (be it postive or negative) would you give concerning the utilization of this particualr type of software.

Also I guess it would not hurt if others would lend their recommendations of software which Forum Masters should consider using. What do you think?

I await your responses.

 

QuazBotch




msg:1557132
 8:35 pm on May 25, 2004 (gmt 0)

PHPNuke will do the job, but if you just need a forum, then use just forum software.

If you aren't going to use PHPNuke's extra features, why bother with it? It generates bigger page files, takes more server time to generate a page, and I've seen some people get overwhelmed by the layout of the blocks.

If you will use the extra features of PHPNuke, then go for it. And also check out alternatives like Drupal or Geeklog.

MaxM




msg:1557133
 8:36 pm on May 25, 2004 (gmt 0)

One good choice would be Geeklog with its forum plugin.

richlowe




msg:1557134
 8:40 pm on May 25, 2004 (gmt 0)

I use discus. They have a nice free version which has served me for years. It's in perl and is a mature product.

EliteWeb




msg:1557135
 8:45 pm on May 25, 2004 (gmt 0)

Im moving 100% away from phpNuke, too many hacks to deal with. Should be coded more with security in mind.

klickman




msg:1557136
 10:42 am on May 26, 2004 (gmt 0)

EliteWeb,

I'm interested in your comments about moving 100% away from Php-Nuke.

I don't wan't to assume anything from your comments, however, it seems that you have had some "Not So" favorable issue (if I can use those words) with Php-Nuke. Would you care to expound upon them?

Thanks
KM

rogerd




msg:1557137
 3:03 pm on May 26, 2004 (gmt 0)

There's been kind of a buzz about security issues with PhpNuke, which might be a partial answer to your question, klickman - can anyone comment on whether there's anything to this issue, and whether the current distribution is reasonably secure?

grelmar




msg:1557138
 3:37 pm on May 26, 2004 (gmt 0)

PHP-Nuke and security:

My BBS is hosted off a server that's run (as a hobby) by a friend who's in the security business, as a project manager for one of the "big" security companies (he rose out of tech side - he knows what he's doing, he's not an MBA type project manager).

I asked him once if he could set aside a PHP directory for me, so I could play with and familiarize myself with PHP-Nuke, and a few other PHP packages in general.

He told me he would do it quite readily, in about 10 years when the security issues got worked out with PHP in general.

Its not just Nuke, aparently, there are a lot of issues with PHP in general. Nuke is just gaining a really bad rap because its widespread among the script kiddies, who use it and mod it heavily, taking a moderately unsecure platform, and opening up gaping big holes by tinkering with it in un-intelligent ways.

grelmar




msg:1557139
 3:54 pm on May 26, 2004 (gmt 0)

did a quick search:

[search.securityfocus.com...]

gives a STAGGERING list of PHP-Nuke vulnerabilities.

A couple of specific ones:

[securityfocus.com...]

[securityfocus.com...]

NB: All the security wonks I know swear by Perl related apps for dynamic pages, BBSes, and such.

klickman




msg:1557140
 4:05 pm on May 26, 2004 (gmt 0)

grelmar

What an interesting response. I think that you may have opened up a "Can of Worms!" However, I must say an "Intersting Can of Worms" at that.

I must admit. At this point I think I need to take a step back and look at at the type of software that we want to use more closely.

Now the issue is whether Php,Cgi or any other format for that matter, what is going to be suitable for our forum in terms of forum security and reliability?

I guess the other related question regarding this matter is (and trust me it hasn't been dealt with yet) Is PhpNuke secure or stable enough to ward off attacks?

I believe any software is subject to attacks if given the zealous hacker time and reason.

The question that keeps popping in my mind is "Is PphNuke stable enough to run a forum?" If not why? I am sure that there must be a couple of PhpNuke users here who can shed some light on their experiences with this software...right? I sure hope so!

grelmar




msg:1557141
 9:32 pm on May 26, 2004 (gmt 0)

OH! I don't mean to slage Nuke by any means. The only reason I know there were security issues at all, is because I found the software fascinating, and was thinking of giving it a try.

There are a lot of successfull Nuke sites out there. From what I can gather, security wise, the issues are thus:

If you're putting it on your own server, best to brush up on your server security info. Nuke is going to create some holes that weren't there before, but by and large, there holes that can be plugged, from server side.

If you're putting it on a "hosted" server, make sure its PHP friendly. If so, then those server admins are prolly well aware of any security issues involved, and are actively seeking to confront those issues.

Stability: The Nuke sites I've seen seem quite stable, quick and responsive. But this is an outsider's view.

My Security Wonk Friend: Is paranoid to the power of 40. That's his job. Keep that in mind.

zigx




msg:1557142
 12:41 am on May 27, 2004 (gmt 0)

Please be advised that i have not read 100% of the replies in this thread as i am out of time righ tnow...

I just wanted to give you a suggestion and that is:

STAY AWAY FROM PHPNUKE. lol

I have had nothing but problems with it from day 1.

Now if u have a phpnuke install and leave it stock, that might be a totally different story, but if u will be modding it, changing themes, trying to hack the forum it comes with (phpbb) u will have a SERIOUS load of problems.

My advise is to try something else that is more specfic to what u are doing.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved