phpBB

[Tiger Shark]

In addition, its not really the indexing thats the problem, its being indexed and cached.

Where Google is concerned yes, but other wise no.

I can come to your site and request robots.txt. If I get 404ed then you "have nothing to hide" if I get the file then I can see what you are trying to hide so I will go and look at it. It is publicly available so you have it there for someone to see - just not the whole world.

It's security by obscurity in it's worst form since you actually tell anyone what it is you don't want them to see knowing full well that once they know about it there are no further access restrictions on it......

[cacosapo]

It's security by obscurity

Just put you out of first shot

I cant consider this security by obscurity. If it is the ONLY security its a crap.

But as an aditional "Protection" (i cant really call it protection) is good.

I use to configure some servers that must reside on "internet" but isnt G.A. as this. I dont want that they get indexed and ppl try the links just because "its on google".

Of course those servers have a huge protection scheme too.
It helps when you dont turn the lights on at your brand new ferrari parked at your house...

precaution maybe...

[vzmule]

I run several sites with phpbb, some high traffic, and have been happy with it.

If you watch the phpbb site & bugtraq and patch vunerabilities when they come out, you probably won't have any problems.

Additional security measures I take on my high risk sites:
IPs that admin accounts can be logged in from are hard coded.
Auto-Login is disabled for Admin accounts.
The /admin directory is password protected and set up with htaccess.
Globals are turned off.
etc.