At the moment there is a lot of "hacking" going around, people "attempting" to take over forums. Just trying to make the forum as secure as I can via the phpBB settings without having to go into doing .htaccess on folders,etc.
Anyway.
What does this mean?
Code: Select all
Validated X_FORWARDED_FOR header:
Sessions will only be continued if the sent X_FORWARDED_FOR header equals the one sent with the previous request. Bans will be checked against IPs in X_FORWARDED_FOR too.
and this
Code: Select all
Allow php in templates:
If this option is enabled, PHP and INCLUDEPHP statements will be recognised and parsed in templates.
Code: Select all
Validate Referer:
If enabled, the referer of POST requests will be checked against the host/script path settings. This may cause issues with boards using several domains and or external logins.
What would be the best settings?