Skip to:
Content
Pages
Categories
Search
Top
Bottom

Is bbPress vulnerable to hackers?

  • @rvpodcast

    Participant

    I’ve just spent a lot of time making a great bbPress forum. When I went to ask my WordPress developer for some assistance, he said that bbPress was way too vulnerable to hackers, would clog my server, and that he didn’t want to work on it. He says WP is not good for forums. I do expect the forum to be busy with users but from what I can see, the security and hacker issues seem to be from several years ago. I love the forum I have set up on bbPress but my developer has me spooked. Has bbPress gotten rid of most of those previous issues?

Viewing 9 replies - 1 through 9 (of 9 total)
  • @mike80222

    Participant

    Hi @rvpodcast,

    I’m not a WordPress, bbPress, or security expert — but I’ve been using bbPress for forums on a couple of different sites for almost 5 years now. I’m not aware of any current or recent security issues with bbPress itself. WordPress has had a number of them. I suggest looking at one of the several available “vulnerability” databases WRT this kind of thing. I mostly use Wordfence (and I also use their security plugin on all my WordPress sites).

    For what it’s worth, my most active site has about 500 users. So I don’t have any experience with a really high-volume site.

    It is definitely important to take some time making this decision, because once you choose your forum software, it’s not going to be easy to switch!

    Hope that helps.

    Mike

    @robin-w

    Moderator

    @mike80222 writes a really good response.

    bbpress is used on the support site of WordPress itself – ie it is what almost all the themes and plugins have as their support tool, eg

    https://wordpress.org/support/plugin/gutenberg/

    and

    https://wordpress.org/support/forum/how-to-and-troubleshooting/

    that last one has 23,000 pages of 30 topics so to say wp is not good for forums and that it would clog your server is maybe not accurate.

    bbpress is used on 200,000 wordpress sites, including this one.

    All plugins and themes have the potential be be unsecure. Indeed as I write this, the Elementor plugin which is installed on almost 9 million sites has a vulnerability which has just been fixed.

    If you really want to secure your site then as Mike says, install the Wordfence plugin, it is really worth it. The free version will gets you lots, but if your site is more commercial and not a say a poetry writing forum, then paying $119 for the professional version is well worth it. You get same day protection from issues found by an army of bug hunters.

    @rvpodcast

    Participant

    Thank you. I bought and installed WordFence Premium on our new forum. Your reply gave me much encouragement.

    @robin-w

    Moderator

    great – what were you wanting your dev to do?

    you might find this useful if you are not already using it

    bbp style pack

    @rvpodcast

    Participant

    Yes, I already have the style pack and used it in the design.
    The task I asked him to do was to get our new forum (forum.rvlifestyle.com) on Google Analytics G4 and Search Console, so as to count traffic separate from our main blog (rvlifestyle.com)
    He refused because of the reasons in my OP above
    I have done most of the design on the new forum myself (I’m bleary-eyed from four 16 hour days this week) but figure that is the best way to learn bbsPress.
    Google analytics baffles me. I have no idea how to do this and Mediaviner, the main way I have monetized the main site, made it clear that I must have separate analytics.
    I’m ready to soft launch this new forum and hoped to do so over the weekend but want those analytics installed.
    Do you have someone you can recommend who can do so at a reasonable cost?

    @rvpodcast

    Participant

    Thanks Mike… We have a Facebook Group that has over 260,000 members and we are hoping to convince as many as possible to instead come over to our blog. I have a team of seven moderators and a community director to keep everyone playing nice. If we can only get a small percentage of our FB members to come over, we will still have thousands on our bbPress forum so I’m hoping it will handle the load of whatever we get

    @robin-w

    Moderator

    @rvpodcast – sorry google analytics baffles me as well 🙂 🙂

    By the way both site and forums look great!

    @rvpodcast

    Participant

    Thanks! Google doesn’t make anything easy 🙂

    @mike80222

    Participant

    I’m afraid that I can’t offer any advice on Google analytics either. My sites are hooked up to both Google Search Console and Analytics. Sometimes the notifications from Search Console make sense and I have fixed some things based on those. But I’ve never figured out how to use Analytics for anything other than just to see where people are coming from geographically.

Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.
Skip to toolbar