I just got my forum fixed from being bombarded by spammers - three days spam free, but now my forum has been hacked!
Has anyone ever seen this?

You can still see it, just happened this morning and I haven't had a change to repair it (link is in sig). Is phpBB easier to hack than other free forum software? I'm thinking about scrapping and starting over......again.

Recommended Answers

All 11 Replies

I'm sorry you've been having such problems lately. I have to say that I've used phpBB in the past and was very happy with it. I haven't been following the software lately and don't know if there are currently any known exploits - that seems like a question for the official phpbB forums. Are you using shared web hosting? There maybe a permissions problem where other customers on the same shared server have access to your files. You might want to speak to your web hosting company.

Sorry to hear about that, you should always opt for a dedicated server, seems your forum has exterm popularity and good number of visitors.

Thanks for the sympathy Dani. Actually, they didn't do any damage beyond changing the forum category titles as far as I can tell. I did a quick scan over the database and all seems to be normal, so far.

I guess it was the challenge of the hack and they just wanted to leave their mark.


Sorry to hear about that, you should always opt for a dedicated server, seems your forum has exterm popularity and good number of visitors.


That's what so weird. I have been overrun with spam, I'm assuming for backlinks, but I'm just getting my site started and I get very little traffic. Backlinks from my site would seem worthless at this point.

Actually, I have only one user that just registered. My plan was to keep posting like a blog until I started getting some members.

Why I was target by a hacker, I don't know. Seems like they ususally go after the bigger sites. My site is just a hobby, so I don't want to spend a lot of money for a dedicated server. Maybe when the site gets bigger.

Anyway, hopefully all the spam and hacking are behind me and I can start to work on my forum growth.


Just don't use PHPBB2.
I tell this to everyone I know because they always have the same problems. Use something different and more secure. To me, SMF is the best free forum software out there. I am completely free of spam, and the forums have run for months; my friends who use SMF are doing great as well. SMF also gets updated frequently, which is good, as they are always fixing bugs and security holes. Still, no open-source software can be 100% secure, like many people have already said.

As for getting hacked, just do a backup every now and then, and you'll be safe.

Why PHPBB2 is used so frequently, I guess it's because of the great amount of free-forum-hosting services using it, the time it has been out there for download, the easy installation thanks to Fantastico, obliviousness of users to the existence of other forum softwares, and just plain popularity.
But this is my guess. Others will never agree.

Sorry that this happened to you. Good luck. I know it's hard to get a forum community run successfully with those problems.

Arwym, your wrong - you can use PHPBB2 securly - our community which runs on phpbb2 has never been hacked and has now over 3,000 members - I would reccomend anyone with phpbb to install some security mods - check with the phpbb community.

Best way to stay secure (I know people will hate me for saying this), don't broadcast the fact that you run phpbb - remove all traces of the word 'phpbb'.

If you know to install some security hacks and follow the updates you're safe with phpBB. Saying a script is more secure than the other is debatable. My latest hacks were targeting the entire server. So I had all my 14 forums down (and I run on 5 scripts: vb, ipb, mybb, smf and phpbb). No one escaped, no matter how "smart" the script was. Have backups and you'll be OK

I am talking about the script all by itself, not about its mods. Saying a script is more effective than another just because it has certain mods (not saying that you did) would be debatable as well. Also, consider that most of the PHPBB2 users don't even know what a mod is. They install it because that's the only forum software they know about and will probably use Fantastico for that. They can hardly tell the difference, anyway. Either all of that, or they are hosted on free servers, and are probably not allowed to install any additional mods. That is my point.

Also, I am completely aware that no script is 100% secure. But I have never gotten spam in my SMF (at least not until now) installation and I barely use any mods. None of the mods have to do with security enhancing. While a default installation of PHPBB2 (and I have seen this countless times) DO tend to get spam very quickly.

But like I said already, many are not going to agree with what I say.

I always recommend vBulletin but still Spammers are always looking for intrusion. I saw this one well known adult forum which was bombarded by 200 spammers spreading 10000 posts.
Later it took 2 days to wipe their posts...


vBullettin is more secure, but I'm using phpBB2 with patches...it has many holes to exploit...

look here:


then search for phpbb


sorry bout your site.. XD

I think you can not blame or claim for any software to be secure , Phpbb is vulnerable Vb too and IP too , PHPbb is more popular means more user more testing simple . Like windows and linux maximum computer user's use Windows so people say windows is vulnerable . its my thinking nothing is secure in Internet.

Regards and best wishes

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.