Posted on

Message Board Security Problems

Security leaks can be a big problem for any site using a message board. Hackers can actually use your message board to go in and change things on your site. This has happened to me at least four times. Once an iframe was added to every single page of one of my very large sites. Thankfully, I had it completely backed up, so all I had to do was send the pages back up to the server. Twice, the front page of one of my sites was hijacked. The entire content of the front page was replaced by some note from a hacker stating he had been there.

The last time one of my sites had to be taken down to prevent the server from crashing. After calling my web host they were able to tell me my message board was the cause of the problem. I used, and still do on some sites, the phpbb message board. It is one of the most popular boards on the internet, and it's free. The web host tech told me that the problem was that a virus of sorts had been placed onto the server, through the message board, in the message board folder, and was calling out to other servers causing a major load on my web host's server. To fix the problem the web host tech found the file and deleted it. After that, all I had to do was update to the latest version of phpbb and so far so good.

If you use a popular message board like phpbb you need to make sure you've always got the latest version. The more popular a message board is, the more hackers are likely to strike. Perhaps the familiarity is the problem or maybe the hackers know that they can get a lot of bites going after a widely used board. As of this writing, the most current version of phpbb is 2.0.15. As the phpbb guys are always security conscious they have added to this version a re-authentication to access the administration panel.

Forums are a very important part of a website, but they can be the downfall if your board script is not updated on a regular basis.

Source by Tim Frady

Leave a Reply

Your email address will not be published. Required fields are marked *