How can I stress-test / spam my own forum when I'm unaware of any vulnerabilities? - how do i practice security

[Ellis]

I just finished my site using the world's best programming language aka PHP. Now, I've made extra sure that my site is pretty secure, it can't be SQL injected or anything, has fair rate limiting, and a sweet mod suite.

As the guy who programmed it, I'm unaware of any vulnerabilities but there's always going to be the event where some script kiddie comes up and uses some kind of vulnerability on my server that I wasn't even aware of. Additionally I do not know how to properly stress test my forum against a situation where a dedicated group of spammers try their hand on it.

Do I have to start asking random people on the 'net if they can try their hardest to break my shit or should I just roll with it blindly 'n say whatever happens happens?
Thanks, fellas

 

[We Are The Witches]

You're in Q&A, I'd suggest Stack Overflow & friends who can help you with that. Asking people to try to break it sounds interesting, and it's part of the learning process, even for the owner of this site itself.

I think last time they tried something they exploited KF chat and starting/closing BBCode tags, so innovation often comes with trial and error, and with unsuccessful attempts that force you to improve.

 

[Poison]

No one cares enough to hack into your gay little website.

 

[skunt]

Additionally I do not know how to properly stress test my forum against a situation where a dedicated group of spammers try their hand on it.

get 100 bucks and hire 20 jeets on fiverr, at least one of them will find something. be sure to make it clear you don't accept AI work either.

 

[Moths]

Leave the site up in china for 5 minutes