[thelist] phpBB hacked and Crystal Tech isn't being very helpful

David Kaufman david at gigawatt.com
Mon Mar 30 23:57:03 CDT 2009

Hi Joel,

Joel D Canfield wrote:
> so. hosting recommendations. here are my criteris:
> 1. I'd like to hear who you're currently using, if they meet the other
> criteria. I can search the web myself, but I wanna hear joyous stories
> of glee from real people
> 2. I need classic ASP first, but PHP has to be included. If I have to go
> for two hosting companies, I'll deal. I'd rather not.
> 3. MS SQL and MySQL. Both.
> 4. Forum. Which, um, will automagically absorb the six months of posts
> my current client (a local police office who I'd rather not make my
> enemy) and his buddies have entered
> 5. I'm paying under $40/month for multiple sites, databases, and email
> for three of the domains.
> 6. Real live human tech support from people who care whether or not my
> sites are up and take personal pride in the service they offer
> 7. Server administration. I don't wanna be responsible for it. I'm a
> coder. I don't want to use the hosting service's recommendations, then
> be told it's my fault when things break.
> What've ya got?

Sounds like pair.com there, Joel.

Except for the MS SQL and ASP.  They don't do Windows.

And they appear to support PHP BB:

Though I hate PHP BB with a passion after, like you, discovering that 
every time I installed one for a client I then became the guy who had to 
     hack and patch the hell out of it all the time to install the 
inevitable "mods" that the client requires to make it do important 
things like captchas and anti-spam.

Then I'm of course also the unlucky slob who has to undo, and then redo, 
all that hacking and patching every single time a new release comes out 
that closes some important zero-days gaping security exploit hole that a 
6th grader can drive a truck through.

And by this point they are less and less thrilled about paying for all 
the time it takes just to keep the thing from becoming a honeypot for 
every spammer and hacker on the intertubes.

And after all that, I'm the guy they blame when the mods don't work 
right, or don't play well together, and spammers periodically mount wars 
on the board and take over the place, or the thing just gets plain 
hacked despite the vigilant application of patches and midnight oil.

PHP BB just ain't worth it to me.  I'd either use something else -- 
anything else -- just to stay off the black hats' radars, or use a 
hosted BB solution with a good reputation for security (just for the bb 
-- you don't have to move the rest of the site) so that battling the 
bulletin board dragons (spammers and hackers) is someone else's job.


More information about the thelist mailing list