After getting a noticeable up tick in spam despite implementing a new spam filter (GFI Mail Essentials), I did a simple google search for my email address to see if it was being published somewhere. Sure, enough I found it on the memberlist.php page of a PHPBB forum we are testing. Simple fix was to just rename this file so that it wouldn’t be a treasure trove for spammers any more. (Though only closing the barn door, one might say.) I was surprised that I could not disable this list from Admin menu. Google also helped me find a nice article about securing PHPBB on somewhat ironically, a .Net developer site. I say ironic not because PHPBB uses open source code and .Net is arguable proprietary, but because the reason we have this test forum was to integrate it with a .Net site. Spooky, right?
One thought on “PHPBB Security”
Thanks for a marvelous posting! I seriously enjoyed reading it,
you will be a great author.I will make sure to bookmark your blog and definitely
will come back later in life. I want to encourage you to definitely continue your great job, have a nice morning!