Forgot your password?
typodupeerror
Social Networks The Internet

Ask Slashdot: What Is the Best Way To Add Forums To a Website? 259

Posted by samzenpus
from the let-my-people-post dept.
First time accepted submitter DustyMurray writes "I am considering adding forums to my website, and am just getting confused by all the options. My first reaction is always DIY. You get better website integration, and it looks and feels 100% how you want it to look and feel. However looking at things like phpBB and Vanilla forums, I will be hard pressed to build a better user experience in a reasonable amount of time. Also these out-of-the-box solutions seem to be shouting 'Easy to integrate with your website.' So, considering this, how easy are these ready build forums really to integrate? I want to be able to insert stuff on certain pages, so it's not either the forums, or my site... It must be a mix. I do not want a second login system on my site. And last but not least, I definitely don't want to have this typical generic look that most forums sport. Can all that be delivered with the out-of-the-box forums that exist today? Which one is the most flexible regarding these wishes?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: What Is the Best Way To Add Forums To a Website?

Comments Filter:
  • Re:vBulletin (Score:2, Insightful)

    by ravenswood1000 (543817) on Sunday November 11, 2012 @11:19AM (#41949481)
    I would recommend vBulletin also. The skins are a bit difficult to work around but that is rather common. I run two different forums with about 10k users a peice. No troubles at all and vBulletin does have some pretty good technical support.
  • Be Careful (Score:2, Insightful)

    by stewsters (1406737) on Sunday November 11, 2012 @11:19AM (#41949489)
    They arn't particularly easy to modify without making them hard to update. And updated common web software like that makes you an easy mark for hackers once they put out the next revision. I record all the 404s to our website and you would be surprised how many go to addresses of admin pages on things like WordPress. So if you do go that route to save time, but it on a different box and make it a priority to keep up to date.
  • by Anonymous Coward on Sunday November 11, 2012 @11:24AM (#41949519)

    Should you add a forum to a web site? Are you ready to moderate it, defend it against spammers and irate users, manage lost passwords and deal with intellectual property disputes? A forum doesn't sleep, a forum doesn't go on holiday.

  • Depends (Score:4, Insightful)

    by Arancaytar (966377) <arancaytar.ilyaran@gmail.com> on Sunday November 11, 2012 @11:55AM (#41949729) Homepage

    There are multiple very good forum software projects, and I have no clear preference. phpBB and SMF are good standalone solutions; Drupal is powerful if you're looking to have much more than a forum. LAMP (as in PHP/MySQL) is by far the most popular technology. Ruby and Python might be more stylish, but most of the PHP software has had years of continual improvement. Best get several of them (Wikipedia has a complete list) and try them out locally for comparison.

    Only two things I'd recommend against:
    - First, on absolutely no account try to write your own from scratch. The best projects now available have been in development for almost ten years (more in some cases). This is an extremely complex application with many pitfalls in design, database architecture, extendability, and security. If you were the best programmer in the world, it would take you months of constant testing and bugfixing before you had anything approaching stability; and you'd spend the coming years finding security holes and fixing design mistakes.
    - Second, avoid commercial solutions if possible. They're not usually better. Also, you should factor in not just the purchase price but the continual costs of upgrades and user-contributed addons. One good commercial board I've worked with is IPB, but that's only in recent versions after years of development - and I still prefer phpBB.

  • Re:vBulletin (Score:4, Insightful)

    by Joce640k (829181) on Sunday November 11, 2012 @12:10PM (#41949833) Homepage

    The downside is it will be constantly full of porn+Viagra+poker spam.

    The spammers have got their scripts for attacking all the popular bulletin boards down to a fine art...

  • Re:vBulletin (Score:4, Insightful)

    by Gaygirlie (1657131) <gaygirlie AT hotmail DOT com> on Sunday November 11, 2012 @12:45PM (#41950053) Homepage

    I've always built my own forum software by hand because that way I can build it as a completely integral part of the website, including features that I need and omitting features I don't need. That said, in general I still agree that it's better to go with a pre-built forum software like e.g. vBulletin -- they most likely know a lot better what they're doing than you do. There is, however, one thing I really feel like pointing out here: always disable all the features you do not need. The more features there are the more likely one or another attack point is available. If you don't need e.g. remote administration then disable it, don't just leave it hanging around.

  • by Anonymous Coward on Sunday November 11, 2012 @01:31PM (#41950373)

    You're a dick. We should ban people from posting LMGTFY links on Slashdot just like we did on stackoverflow.

  • by snowball21 (2186378) on Sunday November 11, 2012 @01:37PM (#41950413)
    http://www.joelonsoftware.com/articles/BuildingCommunitieswithSo.html
  • by Giant Electronic Bra (1229876) on Sunday November 11, 2012 @01:46PM (#41950477)

    1) You seem to know nothing about Java and JVM security. It is immaterial what language you are using on the server-side, Java is no more or less secure than any other.

    2) What difference does it make what the market share of a piece of software is. It is either SECURE or NOT SECURE. If it is not secure then it doesn't matter if one person uses it or 3 million, it is still not secure.

    When evaluating the security of a web application there are many considerations (I've actually taught web app security courses and done all this stuff). You should certainly look at how many advisories there are on a given product. You should also see when these happened, how they were resolved, etc. It may be better to use an application that has had numerous issues that have been promptly fixed for instance. How easy are updates to roll out? How soon do fixes come out? Can you review the source code to look for good coding practices and engineering? As for SQL does the product EVER use anything but bind params? If it does construct dynamic SQL that's a red flag, but it MAY be OK if ALL input parameters are carefully cleaned (bonus points of something like perl's taint mode is in use). Ideally you'd also want to run a full security scan against your test install with a good fuzzer and see what happens. If you can easily shake out bugs yourself then that's a red flag too.

    In other words you really can't sort out the security of an application by any simple formula, and certainly you need to use the right considerations. Anyone interested in getting more detailed advice would do well to start with something like OWASP https://www.owasp.org/index.php/Main_Page [owasp.org]

  • by gman003 (1693318) on Sunday November 11, 2012 @02:01PM (#41950591)

    Yes, because changing your entire back-end architecture is a more logical move than escaping your strings or using parameterized queries or any of the other tools that can not only eliminate SQL injection vulnerabilities, but often make the code easier to write and read.

  • Re:vBulletin (Score:5, Insightful)

    by Randle_Revar (229304) <kelly.clowers@gmail.com> on Sunday November 11, 2012 @02:38PM (#41950813) Homepage Journal

    Glad I never tried to sign up there. I am no idiot, and I like anime, but even if I *could* figure such a thing out, I can't imagine I would take the time and effort to do so. I might run a few google searches, but I have doubts that that would be enough to find it.

  • Re:vBulletin (Score:4, Insightful)

    by antdude (79039) on Sunday November 11, 2012 @06:50PM (#41952369) Homepage Journal

    What about accessibility? Are you blocking those who have vision problems? :(

The only possible interpretation of any research whatever in the `social sciences' is: some do, some don't. -- Ernest Rutherford

Working...