HTML Logo by World Wide Web Consortium ( Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS. ocPortal 9 is superseded by Composr 10.

Head over to for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.

Security of OCP?

Login / Search

 [ Join | More ]
 Add topic 
Item has a rating of 5 (Liked by Guest)  
#88967 (In Topic #18014)

Fan in action

Historically, how secure is it?

I have over 12 years of CMS expience going back to the early days of PHPNuke forward to IPB today and pretty much everything in between. Some were good, some weren't.

I'm looking to migrate my large and very established IPB sites but security is paramount.

Thoughts? Experience?


Back to the top

We've had roughly 1 security hole found per 2 years. XSS vulnerabilities are mostly avoided as we develop on our own version of PHP that can detect unfiltered output. Other kinds of vulnerabilities are avoided through creating a framework that side-steps them. Attempts by hackers are often autodetected by ocPortal and the hacker IPs automatically banned.

Become a fan of Composr on Facebook or add me as a friend. Add me on on Twitter. Support me on Patreon
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about Composr whenever you see the opportunity or support me on Patreon.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying Composr on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: