Security Settings

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Scam Warning
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
Uzam
Registered User
Posts: 280
Joined: Wed May 20, 2009 3:22 pm

Security Settings

Post by Uzam »

Hello,

At the moment there is a lot of "hacking" going around, people "attempting" to take over forums. Just trying to make the forum as secure as I can via the phpBB settings without having to go into doing .htaccess on folders,etc.

Anyway.

What does this mean?

Code: Select all

Validated X_FORWARDED_FOR header:

Sessions will only be continued if the sent X_FORWARDED_FOR header equals the one sent with the previous request. Bans will be checked against IPs in X_FORWARDED_FOR too.
Help would be appreciated.


and this

Code: Select all

Allow php in templates:
If this option is enabled, PHP and INCLUDEPHP statements will be recognised and parsed in templates.

Code: Select all

Validate Referer:
If enabled, the referer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.


What would be the best settings?
Uzam
Registered User
Posts: 280
Joined: Wed May 20, 2009 3:22 pm

Re: Security Settings

Post by Uzam »

Also

Code: Select all

Tie forms to guest sessions:
If enabled, the form token issued to guests will be session-exclusive. This can cause problems with some ISPs.
User avatar
DoYouSpeakWak
Registered User
Posts: 2311
Joined: Fri Jul 25, 2008 1:32 pm
Location: Island of Wak-Wak

Re: Security Settings

Post by DoYouSpeakWak »

What exacly is is that troubles you, The descriptions provided are pretty good imo for most of the stuff.

Try to read this link http://www.phpbb.com/support/documentat ... r_security

And if there is a few things you still dont understand try to be more precise.
Whatever you share comes back. Support the phpBB Communities
Offering paid services. 15+ years of experience with phpBB3 and server management.
Uzam
Registered User
Posts: 280
Joined: Wed May 20, 2009 3:22 pm

Re: Security Settings

Post by Uzam »

ahh thats very handy. Thank you very much!

Return to “[3.0.x] Support Forum”