first steps to secure a phpbb forum from spammers
This little tidbit from sebflipper.com is really helpful for cutting down on spam that results from the default permissions on new forums in phpbb
This line:
INSERT INTO `phpbb_forums` VALUES (1, 1, 'Test Forum 1', 'This is just a test forum.', 0, 10, 1, 1, 1, NULL, 0, 0, 0, 0, 0, 1, 1, 3, 3, 1, 1, 3);
Try changing it to this:
INSERT INTO `phpbb_forums` VALUES (1, 1, 'Test Forum 1', 'This is just a test forum.', 0, 10, 1, 1, 1, NULL, 0, 0, 0, 1, 1, 1, 1, 3, 3, 1, 1, 3);
Also in admin/admin_forums.php change this:
$forum_auth_ary = array(
"auth_view" => AUTH_ALL,
"auth_read" => AUTH_ALL,
"auth_post" => AUTH_ALL,
"auth_reply" => AUTH_ALL,
"auth_edit" => AUTH_REG,
"auth_delete" => AUTH_REG,
"auth_sticky" => AUTH_MOD,
"auth_announce" => AUTH_MOD,
"auth_vote" => AUTH_REG,
"auth_pollcreate" => AUTH_REG
);
to this:
$forum_auth_ary = array(
"auth_view" => AUTH_ALL,
"auth_read" => AUTH_ALL,
"auth_post" => AUTH_REG,
"auth_reply" => AUTH_REG,
"auth_edit" => AUTH_REG,
"auth_delete" => AUTH_REG,
"auth_sticky" => AUTH_MOD,
"auth_announce" => AUTH_MOD,
"auth_vote" => AUTH_REG,
"auth_pollcreate" => AUTH_REG
);
so when users create new forums it would automatically have no guest posting.
Additionally you can open posting.php and after this:
//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_POSTING);
init_userprefs($userdata);
//
// End session management
//
add this:
if(!$userdata['session_logged_in'])
{
message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}
so existing forums where guest posting is enabled would have guest posting disabled.
Posted: May 28th, 2007 under Linux, PhpBB.
Comments: none
Write a comment