MyBB Community Forums

Full Version: Security Question Regarding Mybb
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hello All,
i want to know some answers of my questions regarding to mybb security.If you're good in it kindly answer them

thanks

>what are the perfect CHMOD setting for admin,inc,install,cache and other to protect these folders from anonymous access?

>changing the default mybb table to anything like mybb_111 to father_333.. will create any issue in future or just default is okay

>i respect the coders of mybb but in my case i don't like the portal.php page so i want to remove it forever "how do i do that"?

>adding a admin login pin is good or does it have any problem in case you forget the pin number?

>how often should i take offline backup?

I wish to get perfect answers

waiting for comments..!
(2012-10-03, 07:43 AM)A N K E S H Wrote: [ -> ]>what are the perfect CHMOD setting for admin,inc,install,cache and other to protect these folders from anonymous access?

Please see: http://mattrogowski.co.uk/post/2009/06/2...hen-hacked

(2012-10-03, 07:43 AM)A N K E S H Wrote: [ -> ]>changing the default mybb table to anything like mybb_111 to father_333.. will create any issue in future or just default is okay

That's completely fine, there won't be any issues with that.

(2012-10-03, 07:43 AM)A N K E S H Wrote: [ -> ]>i respect the coders of mybb but in my case i don't like the portal.php page so i want to remove it forever "how do i do that"?

Delete portal.php.

(2012-10-03, 07:43 AM)A N K E S H Wrote: [ -> ]>adding a admin login pin is good or does it have any problem in case you forget the pin number?

IIRC the pin is hard coded so all you have to do is open the file to see the pin.

(2012-10-03, 07:43 AM)A N K E S H Wrote: [ -> ]>how often should i take offline backup?

It really depends on how much activity your forum has. Once a week should suffice for most installations.
Thank you Nathan Malcolm but deleting the portal.php directly..is it okay?
Yes, it's perfectly fine. It's not a dependency so MyBB can run fine without it.
thank you so much for the time Smile
As you seem to be a new forum admin, there are other basic security measures to take, such as renaming the admin directory to something unique for your site (You will need to update inc/config.php) and then installing the fake admin mod. Except when updating and / or installing MyBB and mods, the database user should not have permission to create, alter, or delete tables.