No announcement yet.

phpBB first timer needs help

  • Time
  • Show
Clear All
new posts

  • phpBB first timer needs help


    I just installed phpBB 3 to my domain and I just wanted to ask a few questions before opening it to the public. I have heard a few stories about phpBB not being secure right out of the box, and need some guidance from experienced forum owners.

    What changes should I make to the default settings before allowing people to use the board?

    Should I use the mail system included with phpBB or should I use SMTP?

    My site is about script mods and I need to allow people to upload their mods to the board. I understand that any time you allow people to upload files to your server, security should be a concern. Is there any security measures I should take before turning the upload feature on?

    What about images? What should I set for the maximum image file size and dimensions?

    This is my first experience with a forum and I am open to all suggestions.


  • #2
    I don't think you'll have any real problems with phpBB security as it is. The key is to make sure that you always keep it updated to the latest version that is available.

    For e-mail you should have it use PHP's mail function (not SMTP).

    I haven't used phpBB in many years so I can't provide specific information on their specific features / configuration options. They should have an option to limit the type of files (by file extension) that can be uploaded. I would restrict these to only the ones that you need. But overall you'll be fairly safe with uploads through phpBB.

    Image sizing is entirely up to you and depends on what these are images of. The larger the sizes that you allow, the quicker your disk space will fill up.


    • #3
      As Andrew said, you should be fine with the default configuration.

      On pictures, you will use up disk space to store them. The server will store the original size, plus a thumbnail. One option is to use something like ... the image is stored on their servers (in return for an ad when the user opens the full size picture).

      I had to turn it off for my "family-friendly" forums as some adult links crept in, and the folks there never responded to me. But I understand that's a fluke, and they have taken care of that problem.

      I would also enable the feature in Cpanel to prevent "hot linking" of images to save on bandwidth.


      • #4
        Thank you both for the tips and info.