Most sites are hacked because of incorrectly configured access chmod (second place outdated cms modules, sql-injections, etc.). So how do I set up chmod properly in phpBB forums?
All folders 755
All files 644
Four exceptions where we set 777:
files – so that users can upload files to the forum
cache – so your hosting will not complain about the load
store – to install extensions
images/avatars/upload – to upload avatars