No announcement yet.

Security against hackers

  • Filter
  • Time
  • Show
Clear All
new posts

  • Security against hackers

    Hi, For several years i've had a forum for rock climbing, we used Postnuke with a phpBB2 module. Over the last year we've had numerous attacks by hackers that recently led to our service provider shutting us down.

    My question is, how secure is vbulletin? Are hackers constantly finding vulnerabilities? Since its likely that the hacker(s) that have screwed with us over the last year will continue to look for opertunities we need a secure easily upgradable program and we dont have anyone highly skilled in these programs.

    Another question we have is, does vbulletin have a CMS or some kind of portal similar to Postnuke? we have currently installed Joomla and there is a bridge that can be used with vbulletin but we dont really like joomla all that much.

    Also, is there good instructional documentation available for vbulletin?


  • #2
    There is never such thing as "too safe". However, you only have to take a quick look at the security announcements from both vBulletin and PHPBB, to come to the conclusion that vBulletin does not have security issues as frequent as PHPBB.

    I will be honest to say that my forum has been compromised as a result of a flaw in vBulletin. However, the staff were quick to respond and even spent until 3am in the morning trying to find the flaw on my board. Shortly after, there was a new release for vBulletin. From experience, I don't think you'd get the same level of service from PHPBB!

    There isn't an official portal for vBulletin, however, there are many good unofficial ones available at

    Lastly, you can find the in-depth documentation for vBulletin by clicking on the following URL:

    Hope that helps.


    • #3
      Thanks, that helps a lot.


      • #4
        phpBB is full of security vulnerabilities. Most of those phpnuke/postnuke type scripts are also quite vulnerable.


        • #5
          Yeah, I used to use phpBB & there are way too many security holes. I'm not saying it should be perfect with no flaws, but that's ridiculous.

          phpNuke & Postnuke are forks of phpBB. Surprise!


          • #6
            phpBB does have many holes, but updates most of the time solved them...actually IPB at one time had very dangerous vulnerabilities, and still does, even though they have been poorly fixed. I know about 10 boards that have been hacked, and most of them were using IPB, a couple phpBB, and I know no hacked boards that had used vbulletin.
            vBulletin is safe as long as you keep it updated, do not modify the code if you don't know what you're doing, and most important, if you do not install someone else's hacks.
            vBulletin is very secure

            Ah look at this: a hacked IPB board..


            • #7
              OMGosh, that is horrible!!! I was seriously going to cry for them! Ugg, I'll never understand some people's need to cause trouble *shakes head*

              My whole site was hacked once (not the one I have now) and they were kind enough to leave me an email so that I may reach them. When confronted with the question "why?" they told me simply - People need to learn a lesson and protect themselves better. Hurt me to help me kinda thing I guess which still seems cruel. I was running phpBB at the time.. Could that have been the reason? Or the way it was done rather? I would tihnk in that case it would just effect the forums, right? I never did figure that one out LOL

              *shakes head again* some peoples chillin's..


              • #8
                I am...well I WAS a member of those forums, and the content lost..was worth more than all the money in the world..
                They complained with IPB..and well they got a pretty awkward response..
                I suggested they should get vBulletin next time..hehe
                Getting phpbb for a medium or large community is suicide.. and well what can I say about IPB? You can read that forum's message by yourself..


                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.