Welcome to WebmasterWorld Guest from 54.167.177.207

Forum Moderators: rogerd

Forum Security Featues

what security should be implemented in forum software

   
6:10 pm on May 26, 2004 (gmt 0)

10+ Year Member



I am in the early stages of writing my own forum software. What security features do I need to think about when launching a forum? Is it just login and access issues? Or are there more security flaws that I am not considering?

What security features are offered on existing packages that are a must for any forum?

6:55 pm on May 26, 2004 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I think there are two main issues - true forum security (authentication issues, ability to prevent hacking, etc.) and dealing with problem users (spammers, malicious posters, trolls & troublemakers, etc.).

Which areas are you concerned about, or all of the above? :)

7:18 pm on May 26, 2004 (gmt 0)

10+ Year Member



Well, I'm concerned about both, but for the purpose of this thread, I'd like to talk about true security (authenticating users, anti-hacking techniques, etc). Not explicitly how to implement them, just finding all of the issues.
2:44 pm on May 27, 2004 (gmt 0)

WebmasterWorld Senior Member jenstar is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Make sure you have all the latest updates/patches or that you are running the latest version of your message board software. There have been some pretty danger exploits in older versions that can make your forum vulnerable to hackers. I always keep an eye on the support site for mine, to see if there are any alerts or announcements for updates.
2:51 pm on May 27, 2004 (gmt 0)

10+ Year Member



Thats a good tip Jenstar, but I'm writing my own forum software. So I am asking for secuity issues that I need to be aware of while creating it.
5:01 pm on May 27, 2004 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Chadmg, I'm guessing that at the hacking level, exploits for forum software aren't much different than for other software (blogs, content managers, etc.)

To reserach this, I'd visit some of the big forum software sites and hunt around in their own forums for warnings about security issues. They may not disclose the details of each exploit, but they may provide sufficient information to guess at what the problem is.

 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month