How to improve the security of phpBB3

Here are some suggestions on how to make your phpBB3 board more secure:

  • Update your phpBB3 application when there's a new upgrade package.
  • Back up regularly the phpBB3 files on your account and the database used by the application.
  • Make sure your admin password is complex and long enough. Use a random combination of upper and lower case letters, numbers and symbols. Change the password from time to time.
  • Change the user registration settings, so that users have to choose longer and more complex passwords. Enable account activation.
  • Block access to the admin directory for all IP addresses except yours.
  • Rename the phpBB3 admin directory.
  • Disable dangerous PHP functions.
  • Make sure your phpBB3 is in its own separate database. Use different usernames and passwords for each of your databases.
  • Check the file and folder permissions of the phpBB3 files on your account. Make sure there are no world-writable permissions (e.g. 777, 666).

For some more details check out the phpBB3 Security Tutorial.

Was this answer helpful?

 Print this Article

Also Read