Results 1 to 6 of 6

Thread: Which are the most secure forums platform?

  1. #1
    Junior Member drpepperONE's Avatar
    Join Date
    Nov 2007
    Posts
    51

    Default Which are the most secure forums platform?

    Hi to all.

    I wanna know your opinion about forum platform security.

    Which are the most secure??

    1]phpBB

    2]vBulletin

    3]SMF (Simple Machines Forum)

    Thank you in advance.
    Use your Brain, don't be slave!!!!

  2. #2
    Member
    Join Date
    Dec 2007
    Location
    @InterN0T
    Posts
    315

    Default

    I think personally vBulletin is the most powerful and also a good choice if you are
    making a forum for real, and not just for fun or small projects.

    If you want a small forum with less power, but still a lot security you should go with
    SMF seeing as those are quite secure as well. The thing is, as long as you are up to
    date 100% all the time, or allmost, and doesn't install 1 million addons, or check the
    addon-codes yourself, then your forum should be safe.

    I've had my forums for 6 months now, and i've had loads of attacks and pentests on
    it, due to some people just think it would be funny to look if something was not coded
    correct, or some just wants to see if they can hack my forums.. And so on...

    The good thing is i haven't seen that anyone have hacked my forums yet.

    phpBB, no, no no no no.. First of, it's slower than SMF and less powerful than vBulletin.
    phpBB is simply not a good forum to run, in my oppinion, and try go to milw0rm and
    check out how many addons and PoC's have actually been released about phpBB, it's
    seriously insane that they have made that many code-flaws.
    [quote][I]I realized, that I had fallen down from the top of the mountain into a deep, terrifying and dark hole, just to find out that another mountain in front of me, much greater than the previous, was the next step in life. I began to wander uphill on the next mountain of life while I knew it would be much harder than the previous mountain. [/I]- MaXe[/quote]

  3. #3
    Junior Member drpepperONE's Avatar
    Join Date
    Nov 2007
    Posts
    51

    Default

    Thanks for replay Maxe.

    So, You suggest vBulletin, but VBulletin is a commercial product.

    So the best choice for free(gnu gpl licensed) is MFS??

    Yes I agree with you that phpBB is the most unsecure forum!!!!

    Quote Originally Posted by MaXe Legend View Post
    I think personally vBulletin is the most powerful and also a good choice if you are
    making a forum for real, and not just for fun or small projects.

    If you want a small forum with less power, but still a lot security you should go with
    SMF seeing as those are quite secure as well. The thing is, as long as you are up to
    date 100% all the time, or allmost, and doesn't install 1 million addons, or check the
    addon-codes yourself, then your forum should be safe.

    I've had my forums for 6 months now, and i've had loads of attacks and pentests on
    it, due to some people just think it would be funny to look if something was not coded
    correct, or some just wants to see if they can hack my forums.. And so on...

    The good thing is i haven't seen that anyone have hacked my forums yet.

    phpBB, no, no no no no.. First of, it's slower than SMF and less powerful than vBulletin.
    phpBB is simply not a good forum to run, in my oppinion, and try go to milw0rm and
    check out how many addons and PoC's have actually been released about phpBB, it's
    seriously insane that they have made that many code-flaws.
    Use your Brain, don't be slave!!!!

  4. #4
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    I bought a license for vBulletin some time ago. What you mentioned the biggest downside of it, is that it is not free.

    Depending on what you want to do you should either invest the money for some good security and functionality or go with SMF if it is 'just' a little private project.
    Tiocfaidh ár lá

  5. #5
    Junior Member drpepperONE's Avatar
    Join Date
    Nov 2007
    Posts
    51

    Default

    Quote Originally Posted by KMDave View Post
    I bought a license for vBulletin some time ago. What you mentioned the biggest downside of it, is that it is not free.

    Depending on what you want to do you should either invest the money for some good security and functionality or go with SMF if it is 'just' a little private project.
    Ok but in what vBulletin is more secure ?

    Bug/Buffer overflow?http/php/mysql coding exploit??

    User/Password brute forcing?

    Anti robot spam??

    etc etc ???

    Is there a vBulletin vulnerability test report to compare with bhpBB mfs and others??
    Use your Brain, don't be slave!!!!

  6. #6
    Member
    Join Date
    Dec 2007
    Location
    @InterN0T
    Posts
    315

    Default

    Quote Originally Posted by drpepperONE View Post
    Ok but in what vBulletin is more secure ?

    Bug/Buffer overflow?http/php/mysql coding exploit??

    User/Password brute forcing?

    Anti robot spam??

    etc etc ???

    Is there a vBulletin vulnerability test report to compare with bhpBB mfs and others??
    vBulletin haven't had that many exploits, like some of the others.
    It have had some XSS issues though, but most of the issues where i
    see a vBulletin forum that got hacked, it's due to malicious addons
    which aren't safe coded or coded correct.

    vBulletin locks a person out after 3-5 wrong tries, it can be changed.

    vBulletin also has captcha images, which works good enough for me.
    The only times i've had trouble, are real persons registering users, and
    then setting up a spam robot, but then you can also set a lot of other
    variables, such as how long time a user can make between posts etc.

    I haven't seen any test reports, but if you want to invest in something,
    i would go for vBulletin, and if it's a smaller project or something like that,
    then i would choose SMF forums. (simple machine forums).
    (you are mixing MSF and SMF. MSF = Metasploit Framework )

    Just keep in mind, the more addons you have, the more you have to keep
    up to date, or check for wrongly coded functions and so on to make sure
    your forums are safe.
    [quote][I]I realized, that I had fallen down from the top of the mountain into a deep, terrifying and dark hole, just to find out that another mountain in front of me, much greater than the previous, was the next step in life. I began to wander uphill on the next mountain of life while I knew it would be much harder than the previous mountain. [/I]- MaXe[/quote]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •