Question about Security

Discuss phpBB 3.0.x in general.
Forum rules
Please post any phpBB 3.1.x related topics in the forum.
Post Reply
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
MewDragon
New member
New member
Posts: 2
Joined: 22 Apr 2007, 20:58
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Question about Security

Postby MewDragon » 22 Apr 2007, 21:00

Hey guys,

I'm debating on what type of security mods I should install on my phpbb forum. The two big ones, I think anyway, that I was considering installing are these:

http://phpbbhacks.com/download/4359

http://phpbb-tweaks.com/topics.html-t-665

Would someone be able to advise me which one is better, or if there's something else I should be installing instead, thanks, I appreciate the assist.
Top
User avatar
Saeru
Past Contributor
Past Contributor
Posts: 177
Joined: 17 Jun 2006, 23:58
Location: Behind a PHP book.
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Postby Saeru » 23 Apr 2007, 04:52

I would not bother with security mods, as long as your forum is kept up to date you wont be hacked. There has not been a signle real report of hacking the newer versions of the forums.

Security mods May have their own security issues and may leave back doors into your forum, plus most are made for the older versions that did have some security issues.

Just keep your forum up to date.

"Naku ga yousuru ichidanto tsuyosa kyaku ga icchuu wo yusuru."[/size]
Top
Ash Hi Fi Zone
New member
New member
Posts: 33
Joined: 05 Apr 2007, 13:57
Contact:
Contact Ash Hi Fi Zone

Postby Ash Hi Fi Zone » 23 Apr 2007, 12:14

Hmm I too would not advise on using those MODS....If you want some security adding a .htaccess and .htpasswd file to your admin directory should do well.... Also there is a mod called User Protect MOD which automatically locks anyone's account temporarily for 30 mins or so if more than 3 failed login attempts is achieved....
My Kool Forum :
My job-related website :
My phpBB 2 Mods :
My phpBB 3 Mods :
My phpBB 3 Stlye Tutorial :
Top
User avatar
drathbun
Member
Member
Posts: 156
Joined: 26 Jul 2006, 00:02
Contact:
Contact drathbun

Postby drathbun » 23 Apr 2007, 15:40

Top
Ash Hi Fi Zone
New member
New member
Posts: 33
Joined: 05 Apr 2007, 13:57
Contact:
Contact Ash Hi Fi Zone

Postby Ash Hi Fi Zone » 23 Apr 2007, 16:22

But the USER PROTECT MOD also logs the IP of the failed login attempt which may come useful at time to detect who was that mutt who tried to login to another member's account.... The default phpBB lcoking thing does not have that option doesnt it ?

Also userprotect MOD allows you to specify some restrictions on length of password and some more password related features too... The blocking time is also easily configurable....
My Kool Forum :
My job-related website :
My phpBB 2 Mods :
My phpBB 3 Mods :
My phpBB 3 Stlye Tutorial :
Top
User avatar
Saeru
Past Contributor
Past Contributor
Posts: 177
Joined: 17 Jun 2006, 23:58
Location: Behind a PHP book.
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Postby Saeru » 23 Apr 2007, 16:33

If you want an IP log then thats one thung. But there is no need to add in any ofthe security mods that are out.

"Naku ga yousuru ichidanto tsuyosa kyaku ga icchuu wo yusuru."[/size]
Top
Ash Hi Fi Zone
New member
New member
Posts: 33
Joined: 05 Apr 2007, 13:57
Contact:
Contact Ash Hi Fi Zone

Postby Ash Hi Fi Zone » 23 Apr 2007, 18:21

Yep - another security measure you can take is to use a different prefix for your tables in your DB ;-)
My Kool Forum :
My job-related website :
My phpBB 2 Mods :
My phpBB 3 Mods :
My phpBB 3 Stlye Tutorial :
Top
MewDragon
New member
New member
Posts: 2
Joined: 22 Apr 2007, 20:58
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Postby MewDragon » 26 Apr 2007, 03:21

Ah, really? Allright then. I have a lot of mods installed on my forum though, which I guess increases the number of potential exploits. Should I still not bother with it then?
Top
Ash Hi Fi Zone
New member
New member
Posts: 33
Joined: 05 Apr 2007, 13:57
Contact:
Contact Ash Hi Fi Zone

Postby Ash Hi Fi Zone » 26 Apr 2007, 07:44

Well actually if the installed MODS are approved in the phpbb MOD-DB I 'm pretty sure there is not much chances of any security exploits...... :)

So if you want the IP logger alone for failed login attempts you can install that mod and also use htaccess protection for admin folder.... That should pretty much be enough ;)
My Kool Forum :
My job-related website :
My phpBB 2 Mods :
My phpBB 3 Mods :
My phpBB 3 Stlye Tutorial :
Top
User avatar
igorw
Past Contributor
Past Contributor
Posts: 1967
Joined: 01 Jun 2006, 20:48
Real name: Igor
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Postby igorw » 26 Apr 2007, 09:04

Yeah, MODs from phpBB.com's MODDB are pretty secure :)

- we're poor!
Top
Post Reply
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Return to “phpBB 3.0.x "Olympus" discussion”

Who is online

Users browsing this forum: No registered users and 5 guests