|Forum Security Featues|
what security should be implemented in forum software
| 6:10 pm on May 26, 2004 (gmt 0)|
I am in the early stages of writing my own forum software. What security features do I need to think about when launching a forum? Is it just login and access issues? Or are there more security flaws that I am not considering?
What security features are offered on existing packages that are a must for any forum?
| 6:55 pm on May 26, 2004 (gmt 0)|
I think there are two main issues - true forum security (authentication issues, ability to prevent hacking, etc.) and dealing with problem users (spammers, malicious posters, trolls & troublemakers, etc.).
Which areas are you concerned about, or all of the above? :)
| 7:18 pm on May 26, 2004 (gmt 0)|
Well, I'm concerned about both, but for the purpose of this thread, I'd like to talk about true security (authenticating users, anti-hacking techniques, etc). Not explicitly how to implement them, just finding all of the issues.
| 2:44 pm on May 27, 2004 (gmt 0)|
Make sure you have all the latest updates/patches or that you are running the latest version of your message board software. There have been some pretty danger exploits in older versions that can make your forum vulnerable to hackers. I always keep an eye on the support site for mine, to see if there are any alerts or announcements for updates.
| 2:51 pm on May 27, 2004 (gmt 0)|
Thats a good tip Jenstar, but I'm writing my own forum software. So I am asking for secuity issues that I need to be aware of while creating it.
| 5:01 pm on May 27, 2004 (gmt 0)|
Chadmg, I'm guessing that at the hacking level, exploits for forum software aren't much different than for other software (blogs, content managers, etc.)
To reserach this, I'd visit some of the big forum software sites and hunt around in their own forums for warnings about security issues. They may not disclose the details of each exploit, but they may provide sufficient information to guess at what the problem is.