Web Site Design Blog

The other day one of our larger sites had what they thought was a security breech and jumped out of their seats rushing to conclusions about site security. Their first conclusion went public and set off a bad series of events that could lead to legal ramifications. Now site owners should know that before you rush to judgment about what is going on in your forum, your first step is to stop and investigate. As this larger site may have learned, tossing out allegations of site breach and hacking are not a good idea without contacting a professional to find out what is really going on.

Since we do lots of forums for larger groups, we thought it would be a good idea to set out some guidelines for site owners. Now let’ say you are sitting in your private forum and suddenly you see another member in there that is not allowed. Oh my God, what to do. Well first of all don’t jump to conclusions about your security system, feeling you’re being hacked or worry that there is anything amiss. The best thing to do in any business is to first, take a breath, investigate and then proceed. Hopefully you have all your wits about you, and are not too stressed, sleep deprived or overly paranoid before you go jumping around concluding things that may not be true. You don’t want to start harassing site visitors and announcing that they are hackers when this might all be just a misunderstanding on your part, and geez, worse yet – don’t tell anyone you are going to file criminal charges for something they had nothing to do with. In the legal world I’m not sure how the courts will view this, but likely they will feel that you did not do your due diligence before making the accusations and this could lead to a big legal action against you. You don’t want that now, do you?

Most professionals have two sets of IT eyes on things to ensure they are not making rash decisions when it comes to forum security. It’s likely part of your obligation as a provider of services and you might consider it an important aspect of business especially if you are a large company with possible legal exposure.

Now, Can people access a private forum? A little googling will answer that for you. Not really but yes they can “appear” to be there. Anyone who is wandering around with time on their hands can put your url into the browser and start switching around numbers to see what is out there. A hidden forum or a private forum might appear, but likely they will only see a login or an error message. While you, sitting in the forum will see them browsing simply because the call to show who is browsing is higher on the list than the error message or login form. Fear not. You are safe. All those wild thoughts about hackers and site violators can be put to rest. Nothing is amiss except the subtle reminder that you need a qualified professional to explain to you what is going on, and possibly a lawyer if you’ve already banned members and jumped to conclusions, pointed fingers and made wild accusations about someone trying to find out what you’ve been thinking or worse yet, accused anyone of trying to take down your website. If you’ve already gone that far my advise now is put a nice apology in writing and last but not least get a lawyer.

If things haven’t deteriorated to this point and you need more help and don’t have a Phpbb forum site admin or web designer, check out our services or ask your host for more help.

Any questions?