The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Building a secure forum
Morning,
By way of intro: I've been using vbulletin as a user for sometime, have setup several forums with phpbb. My question: I need to build a closed and secure forum, meaning the entire connection will need to be encrypted, not just the login. After several attempts at searching this forum I came up empty. I have even searched the manual. I could probably use some pre-sales assistance. Thanx in advance, Dan -- |
#2
|
|||
|
|||
So you need a forum that only people that you want can go to? You could do that from the .htaccess file and restrict only certain IPs from going to the site.
|
#3
|
||||
|
||||
You can encrypt the connection with SSL but the content in the database is not encrypted and is not an option on a stock vbulletin install. It may be possible via custom modification but it would not be supported.
|
#4
|
|||
|
|||
I do not know how a forum is structured, but the content needs to be protected and logins confidential. I have also read where some admins have difficulty with the forum software functioning in an SSL environment.
Is there a good functional description of vbulletin? |
#5
|
||||
|
||||
I don't know what you mean by a "functional description." The Manual is available online.
There should be no issues with SSL. vBulletin.com has been running with SSL for months. I was a member of even old 3.x forums that ran with SSL. If someone is having a problem they probably didn't know how to properly setup SSL. |
#6
|
||||
|
||||
You can simple install vbulletin in a private_html directory, add a ssl certificate and allow your users to browse through https. You do not need any special adjustments to vbulletin.
If you only want members to see the forum contents, then adjust your usergroup settings to reflect this. |
#7
|
|||
|
|||
It's simple. Add a piece of code/hook to your global file that redirect to https if user is on http. Then set the cookie params to secure only, and set it to http-only.
|
#8
|
|||
|
|||
I have to jump on the bandwagon here and agree, ssl is the way to go. Theoretically, the system COULD be setup to encrypt the entries in the database, but I can't imagine it being an advantage or 100% secure. Even with my knowledge of the product/plugin system, it would most likely be a hefty re-working of the code, that probably would require modifying the stock vbulletin files.
Judging from the sound of it, I'm guessing you are selling access to certain areas of the forum? If you could provide an idea of the usage you are looking for, we could probably better answer your questions. |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|