Good Evening. >> eg. I am looking at Drupal for my own site and I find venturing into the >> modules portion of drupal immediately drops the quality of code, and even >> the ownership of security issues. It seems Drupal guys dont take on >> security issues for things that come from the modules or related projects >> that are being used inside drupal. >> > > We (in my day job) see the same security issues for Joomla based sites when > modules are used to extend core functionality. Site developers/owners are > quick to extend functionality by installing additional plugins but then > don't want the responsibility of maintaining multiple packages/plugins on > the server. It just adds a further layer of complexity as any plugins need > to also be separately monitored (and maintained) for security updates. That's definitly true and why I try to leave most of the code as-is and add nearly no additional modules. I personally like Joomla very much. There where some annoying security issues in the past but I still believe in the stable code-base. The Joomla phpBB bridge is non-invasive and should just work fine. If someone is interested in testing I could give him/her an account on gcug.de which will be merged when de.centos.org is going to happen. This makes use of Fireboard, but I think I could also offer an phpBB installation. I could also transfer the installation to a testing VM if someone could grant me access. Best Regards Marcus