So You Want A Forum….
At some point down the line most webcomic websites realize it would be a good idea to set up a forum for their readers. It keeps them talking and interested in your stuff on days you don’t have a post going up, and allows your readers to connect to each other to form a stronger community. Plus it’s just fun to see what will be posted and what kind of feedback you will get.
I have seen many attempts to make a forum plugin for WordPress, but surprisingly I think it’s a bad idea.
Why? Because most hack attempts on sites originate from privilege escalation, where a regular user can somehow trick the site into thinking they’re an administrator. Most of the big content management systems that also work as forums (phpnuke, drupal, joombla, mambo) have had security issues related to this. I think it’s best to separate things like a forum, store, and other visitor login stuff from your main site to reduce the chances this can happen.
I like and use phpbb, but there are many others out there. The main differences come down to how they look, what features you can add (and how easy it is to do this), and how easy they are to administer. Phpbb for me sort of hits the middle spot for all of these. Whatever you do though, keep up on any updates or security patches that come out and add them as soon as you can–no one wants to see some porn spam as their main page of their site after getting hacked.
While I don’t really post much about phpbb here, I’ll definitely monitor it and post about updates and such to it also.
Contribute To ComicPress Development
The Developers of the ComicPress theme for WordPress are looking for feedback about what features people want for the next version of the theme. If you are using this theme or are considering it you should let them know what you want.
link: http://mindfaucet.com/comicpress/2007/06/03/comicpress-21-development/
Critical WordPress Exploit in Version 2.1.3
A critical exploit has been discovered in WordPress 2.1.3 related to the way WordPress admin cookies are accessed. A malicious user could possibly steal your admin password cookie and gain admin rights to your website. This is only an issue if you are using the default WordPress prefix of wp_ or are using an easy to figure out prefix. Unfortunately the only fix currently available is to upgrade to WordPress 2.2–which has it’s own set of major issues due to the widget changes and other new coding conventions introduced in that version.
I wish I could provide an easy fix, but there isn’t one. If you have a WordPress 2.1.3 site with a standard setting for the prefix (in the wp-config.php file) then you really should think about upgrading–do research on the upgrade though, its not very straightforward.
Change your WordPress prefix
One area of WordPress setup that many people miss is changing their database prefix. This is a setting in the wp-config.php file that determines what WordPress uses to talk to your database. By default WordPress adds wp_ to the front of all of your tables, but you should consider changing this to something very random.
Why? Well, an exploit has just surfaced for the 2.1.3 version of WordPress (and possibly previous versions) that allows someone to steal your admin password–but it only works if they know your WordPress prefix. Of course since most people haven’t changed this they know to use wp_.
Unfortunately it’s not a simple fix AFTER you have installed things. The prefix gets written to your entire database, so DON’T change it now after you’ve installed and are running, it’ll cause you to create an entirely new database within your current one, but not set to your current settings. The actual fix would be to download your database .sql file and use a text editor to change the entire thing (Ugh!).
Anyway, I’m updating my install tutorial to mention this important step.
Webcomic Community at Transplant Comics
The next in my series of Webcomic sites using WordPress is Transplant Comics, where you don’t get just a comic, but a whole community of comics! One of the best aspect of WordPress is it’s flexible ability to adapt to whatever you need it to be– In this case a portal site for a large group of webcomics.