A friend and I were approached by the University to design and build
a forum for hackers - something that is a fairly interesting task with
strange requirements and constraints. We had the following criteria:
The forum must be secure against attacks - it will attract the
type of people who would try, and a breach would be highly embarrassing for
everybody involved.
The forum must run on phpBB - the person maintaining the
software after our initial development is familiar with the code and
its flaws.
The forum must have several types of groups with different
scopes - it will be used for hacking challenges and the University
hacking team (Netizens) alike.
The forum needs to look “hacker-ish” - a modern and
relevant system seems more responsive to users, regardless of whether
that is the truth.
Considerations
The following are the considerations we had whilst designing the
forum software:
Security - The system must be secure against
attacks and should employ all modern security methods to prevent
attacks. Even with these considerations, we should also make sure
that there is a plan for after a breach, and for how one would be
detected.
Speed - We guess our user base to be no more than
500 users at any one point (peaking during a competition) and possibly
no more than 50,000 users before a new system is implemented (possibly
several years down the line). If we multiply these assumptions by a
considerably larger number we believe we should be safe. One server
should be ample power for the purpose of this system.
Style - We must also consider the style of the
system after the functionality as our task is also to present the user
with a nice user interface. Neither of us is particularly a designer,
but I believe we are more than capable of creating a hacker-like style
that people will enjoy using.
Tools
We have decided to use the following setup:
Debian - Simple and we both have experience with
this operating system.
lighttpd - We originally looked at using
nginx, but it proved more effort than it was actually
worth.
MySQL - Was quick to get up and running and seems
to be a well-tested, feature-complete database.