I would advise against setting up the software for yourself (unless this is the type of thing you also do for a job)
Yes, if you are not a “tech person” / programmer / engineer of some sort / otherwise have experience with software, you should not set this sort of thing up yourself. You should find/hire someone to do it for you. That is not difficult.
I disagree with the rest of what you say.
Choosing a free solution that is well-maintained is better than rolling your own. A standardized solution plus standardized exploits plus standardized mitigations to those exploits is better than a custom solution.
Basically, remember the situation when one person practically took down Less Wrong, and it had to be reprogrammed from scratch, because updating the original Reddit codebase would be too much work? Similar thing can happen when you use a free solution, and defending against it can turn out to be too much work.
First of all, as I recall, that wasn’t an “exploit” in the usual “software vulnerability” sense. Perhaps someone from the LW team who was around back then can better describe the details, but as I understand it, it was a design flaw in the “if someone does this bad thing, we have no good tools to catch them and/or prevent someone from doing it” sense. There is no reason whatsoever why a custom solution can’t have arbitrarily many such design flaws, and such an “exploit” in no way relies on having access to the source code or… anything like that.
And—again, to my recollection—old Less Wrong was never “hacked”.
But more importantly, the reason why any of this was a problem at all is that old LW used the old Reddit codebase—that is, one which had been deprecated and was no longer maintained. Indeed, it is a bad idea to choose such a platform, if you do not have a dedicated engineer to service it! This is why you should choose something popular and well-maintained.
For example, I linked MyBB in my earlier comment. It is updated regularly, and the developers clearly take securityvery seriously. I don’t know how much money you’d have to spend to get this degree of protection in a custom solution, but it sure ain’t a small number.
When you speak of standardized exploits to standardized solutions, I expect that you have Wordpress in mind, which is infamous for its exploitability (although I am unsure to what extent that reputation is still accurate; it may be an outdated characterization). But most web forums (which, note, Wordpress is not) get hacked approximately never. Ones based on well-designed, well-maintained, popular software like MyBB, even less so.
I also disagree with the advice to “use some cheap and simple solution that can (and will) be thrown away later”. In my experience, such platform choices tend to be quite “sticky”, and migration is often painful, expensive, and time-consuming. That is not to say that you should never migrate to a custom solution (although I am very skeptical about OP’s use case requiring anything more advanced than a good PHP bulletin board)… but even if you expect that you’ll want to migrate, it is far better to migrate from a basically working site which merely lacks some features you want, or has some annoying limitations, etc., than to migrate from a site which has broken or been hacked or otherwise exploded.
The fact is that a decent PHP-bulletin-board-type platform already is “a cheap and simple solution”. (Which can, of course, be thrown away later, but doesn’t have to be.) Trying to go even cheaper is setting yourself up for pain later on.
Perhaps someone from the LW team who was around back then can better describe the details, but as I understand it, it was a design flaw in the “if someone does this bad thing, we have no good tools to catch them and/or prevent someone from doing it” sense.
Yeah, the core issue was that there was basically no protection against people just automatically creating thousands of accounts and using them to downvote whoever they disliked. In-general, bot issues are one of the top reasons for websites that accept user submissions either need to have a strict manual review phase, or be continuously updated with defenses.
In-general, bot issues are one of the top reasons for websites that accept user submissions either need to have a strict manual review phase, or be continuously updated with defenses.
Indeed. And what you’ll generally find is that mature, widely-used platforms tend to have many and varied tools for dealing with this sort of thing, whereas if you build custom software, you end up having to handle many more edge cases, attack types, etc., than you’d expected (because it’s very hard to think of all such possibilities in advance), and the project just balloons massively due to this.
(For example, Simple Machines Forum—which runs Data Secrets Lox, and which I, on the whole, do not recommend—has all sorts of options for gating user registration behind verification emails / manual moderator approval / captcha / verification questions / etc.; it has moderation tools, including settings that let you enforce per-post approval, on a per-subforum basis; it has a karma system; it has built-in GDPR compliance features; and all of this before you consider all the optional modifications that are available… and SMF is not even one of the better platforms in this category! How much development work would it take a small team to get a discussion forum platform to this state? How much work would it take even to just build the core functionality plus the moderation/security/anti-spam tools…?)
I don’t agree with most of this.
I agree with this part:
Yes, if you are not a “tech person” / programmer / engineer of some sort / otherwise have experience with software, you should not set this sort of thing up yourself. You should find/hire someone to do it for you. That is not difficult.
I disagree with the rest of what you say.
Choosing a free solution that is well-maintained is better than rolling your own. A standardized solution plus standardized exploits plus standardized mitigations to those exploits is better than a custom solution.
First of all, as I recall, that wasn’t an “exploit” in the usual “software vulnerability” sense. Perhaps someone from the LW team who was around back then can better describe the details, but as I understand it, it was a design flaw in the “if someone does this bad thing, we have no good tools to catch them and/or prevent someone from doing it” sense. There is no reason whatsoever why a custom solution can’t have arbitrarily many such design flaws, and such an “exploit” in no way relies on having access to the source code or… anything like that.
And—again, to my recollection—old Less Wrong was never “hacked”.
But more importantly, the reason why any of this was a problem at all is that old LW used the old Reddit codebase—that is, one which had been deprecated and was no longer maintained. Indeed, it is a bad idea to choose such a platform, if you do not have a dedicated engineer to service it! This is why you should choose something popular and well-maintained.
For example, I linked MyBB in my earlier comment. It is updated regularly, and the developers clearly take security very seriously. I don’t know how much money you’d have to spend to get this degree of protection in a custom solution, but it sure ain’t a small number.
When you speak of standardized exploits to standardized solutions, I expect that you have Wordpress in mind, which is infamous for its exploitability (although I am unsure to what extent that reputation is still accurate; it may be an outdated characterization). But most web forums (which, note, Wordpress is not) get hacked approximately never. Ones based on well-designed, well-maintained, popular software like MyBB, even less so.
I also disagree with the advice to “use some cheap and simple solution that can (and will) be thrown away later”. In my experience, such platform choices tend to be quite “sticky”, and migration is often painful, expensive, and time-consuming. That is not to say that you should never migrate to a custom solution (although I am very skeptical about OP’s use case requiring anything more advanced than a good PHP bulletin board)… but even if you expect that you’ll want to migrate, it is far better to migrate from a basically working site which merely lacks some features you want, or has some annoying limitations, etc., than to migrate from a site which has broken or been hacked or otherwise exploded.
The fact is that a decent PHP-bulletin-board-type platform already is “a cheap and simple solution”. (Which can, of course, be thrown away later, but doesn’t have to be.) Trying to go even cheaper is setting yourself up for pain later on.
This all roughly matches my model.
Yeah, the core issue was that there was basically no protection against people just automatically creating thousands of accounts and using them to downvote whoever they disliked. In-general, bot issues are one of the top reasons for websites that accept user submissions either need to have a strict manual review phase, or be continuously updated with defenses.
Indeed. And what you’ll generally find is that mature, widely-used platforms tend to have many and varied tools for dealing with this sort of thing, whereas if you build custom software, you end up having to handle many more edge cases, attack types, etc., than you’d expected (because it’s very hard to think of all such possibilities in advance), and the project just balloons massively due to this.
(For example, Simple Machines Forum—which runs Data Secrets Lox, and which I, on the whole, do not recommend—has all sorts of options for gating user registration behind verification emails / manual moderator approval / captcha / verification questions / etc.; it has moderation tools, including settings that let you enforce per-post approval, on a per-subforum basis; it has a karma system; it has built-in GDPR compliance features; and all of this before you consider all the optional modifications that are available… and SMF is not even one of the better platforms in this category! How much development work would it take a small team to get a discussion forum platform to this state? How much work would it take even to just build the core functionality plus the moderation/security/anti-spam tools…?)