Tempted to use phpBB with Wordpress (w/ integration plugin)

Folks,

I'm going to launch a new Wordpress blog/site in the next week or two. I'm debating on using phpBB as my forum solution because I've also found a plugin which will do the integration of WP and phpBB.

Here's the plugin site/info...

http://www.wp-united.com/

....now, I'm looking for some thoughts and/or suggestions on what I should do. Rather than pay for a vBulletin license for what will, more than likely, be a small forum(s) ....I think that I want to go with a free option.

Anyone have some thoughts, comments or suggestions?

 

Let me see if I understand this correctly, your going to use a secure platform like wordpress, and your going to integrate it with something like phpbb?

I am at a lose for words.

 

I would take a look at SMF 1.9 if I was you, it's much better than phpBB3. I use WordPress also, but I choose not to run a forum though. Can't really be bothered with the hassle of running both to be honest. But if I was to put a forum online with it, I would use SMF 1.9.

I tested it last month to see what I thought, and it's good, very good in fact!

 

Why would you be at a 'loss' for words? By your comment, I'm assuming that phpBB has some sort of security issues? I haven't read up on it much, so I'd need folks to help guide me in making the right choices here.

If not phpBB, then what in your estimation?

I've heard negative things about SMF, but what did you like about it?

 

By all means, please use phpbb. After your site is hacked, defaced and made fun of on hacker sites, maybe then you will understand.

 

Kevin, you do realize that I'm actually looking for help on this topic, right?

I've only used vBulletin in the past and security is absolutely a big concern of mine. So, if you know of security issues with phpBB (as it seems that you do) could you actually point me in the right direction?

My main point, for those that can help me walk through this thing is to have a viable option where I wouldn't have to pay for a license (since I'm starting a network of sites and most of them would probably require their own forum) for the forum software. If the particular forum works and starts to take off, then I could potentially spin it off to it's own vBulletin forum and put in the extra work to have it moved over.

 

Remember you have another option too, you could use WordPress's own forum software. Personally though I don't rate it myself having installed and looked at it, but it's an option for you.

phpBB3 would use a different database from your WordPress install, the same way SMF would. So even if your forum did get hacked, it wouldn't really effect your WordPress site as such, because they'd be using two totally different databases to function online.

The best free forums in most peoples eyes are: SMF, phpBB3, and MyBB. With SMF classed as being the "most secure" off the 3 from what I've read.

If your thinking of using WordPress though, it might be worth your while taking a look at there own forum software if your not bothered about a million and one features and just want a straight forward community, as they work hand in hand with each other. Plus you can use Akismet with it very easy, just like WordPress.

Link: bbPress

It's also worth noting that the next RC2 release of SMF 2 will come with a brand new "curve theme" that makes it look very much like phpBB3. Also, if you've been using vBulletin, you'll most likely hate phpBB3 (way to basic on features). Unlike SMF and MyBB which comes with a lot of features to rival vBulletin.

If your biggest concern is security, SMF is said by many to be the most secure of the 3. They've only needed to release one security patch for SMF 1.9 in 2 years, which was released, and also added to the download package last month.

 

Thanks mrgtb, I actually just posted about bbPress on another thread here on AA

I kind of want something real basic and not too fancy, so that might be the option to go with. I don't want to spend a lot of time customizing the forum aspect of the sites because I'm not sure that they will be used a lot. But, I want to have it there as an option and as something that can help generate additional content for searches as well as for promoting purposes.

 

Keep in mind though that BBPress is not a stable version, it's still in RC yet, and quite frankly from what I saw when using it. Needs a lot of work yet before I would seriously consider using it myself with my own WordPress site. But like you I want a basic easy to use forum, that matches my WordPress, is SEO Friendly, and of course lets you use Akismet for spam if I was to run a forum.

Looks promising yeah, but it needs more time to mature in my eyes. But hey, install it and take a look at it yourself. Don't take my word for it, plus you can see what it's like first hand.

 

Arny, you can also look at Vanilla - Free, Open-Source Forum Software

I know people get it to integrate with WP quite often.

 

Ok, I'll be serious for just one minute.

A few years ago there were a couple of forums that I used to visit on a regular basis - and both of these forums ran phpbb.

Site one - finally switched over to SMF after being hacked every 2 or 3 days, for a month. Whoever hacked this site did so for about 4 - 6 weeks. The owner would fix the site, a day or two later - hacked again. A lot of the members left and went to other sites while this was going on.

Site two - was closed forever. This site, I know the owner personally. When I asked him why he closed his site, he said he was tired of getting hacked. Lynn, my buddy that owned the site told me that he got hacked about once a week, sometimes once a month. He would fix the site, then it would be hacked again.

Site three - I read about this one on digital point. This guy posted a quession about phpbb and if it was ok. Someone said that it was a good forum, the that is what they guy went with. About 1 week later the guy replies back to the thread that his phpbb was hacked - and it was less then 1 week old. He had a few choice words about phpbb and the guy who recommended it.

Ever since I saw both of these sites get hacked, defaced and shutdown, I have not recommend or use phpbb.

One of those sites belonged to a close, personal friend of mine. It is a shame that buddies can not even have a forum to post stuff without hackers destroying the community.

 

Instead of what I know?

I know that my buddy was running a basic phpbb forum, I know that they other forum I visited was running a basic phpbb forum.

I know that I saw "hacked by <insert hacker name here>" on the home page of the forums.

Whats not to understand?

Lets not make excuses for phpbb. Its not secure.

 

It seems also your basing your facts off phpBB2 and not phpBB3, which is another story really. There are some big sites like NameCheap using phpBB3 for there forum now, which says a lot really towards how much it's improved that they would even consider using it. Also remember that phpBB3 is the "number one most targeted free forum" board by hackers, so maybe that why more phpBB3 board get reported as being hacked over other free alternatives like SMF and MyBB), which don't get targeted as much because their not used as much. So things have to be put into perspective.

You have to keep in mind also that most boards get hacked because the users of them install hacks, and it's their own fault they get hacked after installing 3rd party add-on's that introduce securitry issues. Most phpBB3 users, use it because of the large modding community out there. So you should not ignore the fact that most hacked phpBB boards are the result of the owners running them.

phpBB3 (not phpBB2), seems to be a very secure board these days and should not be confused with the old days of phpBB2 boards getting hacked left right and centre.

 

Did the same developers work on both projects? Their reputation speaks for itself.

I dont care if its phpbb2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20,,,,,,

If the same people wrote the program, the end result will be the same.

Lets not make excuses.

 

Yes, either some kind of independent security audit, or programmers to fix any security issues.

Never.

Yes there is.

Go ahead, you might change your mind about phpbb when your site is hacked and defaced.

Looks like a dead dog, smells like a dead dog, usually is a dead dog. Calling a dead dog by any other name is not going to change the facts.

I have never seen a vbulletin forum that has been hacked. Even VB forums running version 2.X are still trucking along just fine.

 

I was going to say the same thing also, and your right about bringing up vBulletin getting hacked. How many posts do we read on vBulletin.com that a persons board got hacked. Only to read later on he's been using a hacked board with mods installed. Same with IPB or any other forum software for that matter, not just vBulletin.

He also touched on the fact in one of his previous posts that WordPress is secure. Well thats open for discussion too. I use WordPRess, and believe me there are a lot of things you have to do to make your WordPress blog secure from hackers, like adding a .htaccess file in the wp-admin folder that only allows access to it from one IP Address (yours), and blocking all access to the wp-config.php file using code added to the .htaccess file in the ROOT directory. All of which I use on my site, that don't come as default with a WordPress install.

WordPress by default does not stop people from browsing your upload folder and seeing thousands of images listed, which they could loop to slow and crash your server down. I have to use another .htaccess file there also which stops all files from being listed in the upload directory, and sub folders in it.

And it goes on and on

 

I have heard about some of that, but do not believe most of it. I run 4 self hosted wordpress blogs and have never had any problems.

If you want your wordpress upload directories protected, upload a blank html file to them. Problem solved.

If you look at some of the BIG sites, they are usually ran by people that know how to code, or have enough money to hire coders.

Example, you can hire people like this to audit your phpbb forum - http://www.agmckee.co.uk/services/phpbb-security-audit

Your getting into an area of where you have admins that try to hack their own sites and fix the problems they find. And people who install phpbb and go with it just like that.