19-10-2013 Saat: 16:40
MyBB, originally MyBulletinBoard, is a free and open source forum software which is developed by the MyBB Group. It is written in PHP, supports MySQL, PostgreSQL and SQLite as database systems and has database failover support. It is licensed under the LGPL.
Features
Database Support
MyBB supports multiple database engines. It currently supports MySQL, PgSQL, and SQLite v2 and v3. MyBB also databasefailover support so that if one database fails, MyBB will load the next database on the list. Master and slave databases are also configurable.
Plugins & Themes
MyBB plugins are written in PHP and use hooking techniques. Unlike other software like WordPress, plugins need to be uploaded via FTP as uploading from the admin panel is not supported without a plugin. However, this is a considerable advantage over the extension method used by phpBB where all modifications are core file edits.
MyBB Themes are written inside the Admin Control Panel, and exported to an XML file. The XML file includes all modified MyBB templates and CSS stylesheets, which is redistributed alongside any extra resources (such as images) in a Zip file.
There are over 2,400 plugins and themes on the MyBB mods website. Many other MyBB resource sites, such as MyBBCentral or MyBB-Plugins also offer exclusive, and sometimes paid, plugins and themes.
Security
MyBB has a relatively low-risk security record. In August 2008, MyBB performed a security audit (provided by GulfTech) which led to the release of MyBB 1.4.2 on 17 September 2008.
Once MyBB has been given a high-risk security exploit notification, a patch is typically available within 24 hours.
In October 2011, MyBB found 3rd party code had contaminated the 1.6.4 release files.This code could be exploited to open a security vulnerability on a forum running the affected version. It was later found that a security flaw in the custom CMS mybb.com uses to power its website allowed a malicious user to alter the download files to include their own code.
As a result of the intrusion, the MyBB Group now hosts downloads via Github to ensure the security of a release. A Forum Security section on the MyBB Community Forums opened in 2011 to provide support for users who have been a victim of an exploit.
Throughout 2011, automated registrations caused forum spam in many MyBB powered forums. In MyBB 1.6.5, released on 25 November 2011, additional methods were added to help administrators locate spam users and manage them effectively as well as providing standardreCAPTCHA support.
In May 2012, hacktivist group UGNazi gained unauthorized control over the MyBB.com domain name using a social engineeringtechnique. The attack appears to have been motivated by the use of the MyBB software by a third-party website,HackForums.
PS.: extract from wiki.