Free Flarum hosting on an expert platform by FreeFlarum.com

SKevo

This is a free, community provided service. It has been running for over 5 years, and currently hosts more than
5 000 online forums, with more than 20 000 forums ever created.

Create your own Flarum forum instantly!

Benefits:

Get an instant playground to get started with Flarum;
Get a forum running at no costs;
Don't waste time with Composer, getting VPS, SSL or web server configuration;

Features:

Use your own domain name or YOURNAME.freeflarum.com / YOURNAME.flarum.cloud;
All the best extensions are pre-installed (see live list) or request new extensions here;
No maintenance required, patches will be installed for you;
Export your data at any time (no lock-in!);
Grade A SSL for every forum;
Monitoring and adequate security is in place;

See the site for more information or post your questions below.
https://freeflarum.com

Franz

SKevo Thanks for spreading the love! ?

I hope you don't mind me asking: do we know you under another name on this forum?

TejaHarjaKusumah

SKevo Thank you now i can build my own forum without worry to SSL cert
I Love It
Keep it On!

Whoami

SKevo it's possible to remove the credit link? (Paid)
And it's possible to edit forum mail text in FreeFlarum as i want?
Cause i think it's important if your audiences still don't see with english

thedude

SKevo Please add this extension https://discuss.flarum.org/d/849-hyn-default-group-assigning-default-group-to-new-users

Ralkage

Simply amazing service and blazing fast response times!

I do have one suggestion though as it can be quite beneficial. Flagrow's Bazaar extension would be perfect for this set up, you should add it as a default extension upon creating a new Flarum instance. It's basically a marketplace which showcases extensions and allows installation of them without touching SSH whatsoever. There's tons of features that comes packed with Bazaar as I vouche for it as one of the best extensions in this community to date ?

@luceos, the creator ?

SHC

Ralkage Bizarre

Uhm.. it's not bizarre but it's Bazaar. The latter means a market (literally) in Hindi, Telugu and in most Indian languages I'm aware of. Bizarre on the other hand is completely different, translates to weird, etc.,

Sanguine

Thanks for all the kind words!

Ralkage Flagrow's Bazaar

Would love this! Only, how to integrate with a SaaS service? Two issues:

More extensions mean its harder to do central maintenance (upgrades, hack prevention etc).
The ability to add arbitrary extensions opens up a security hole, as unverified users could run PHP code. Soon, the servers will be owned by spammers and phishers ?

0E800 Add a email verification before the instance is created.

Thanks, didn't expect somebody to write a scraper so soon ? Will make an IP and email limit.

0E800 Make more extensions available.

Which ones? Is there a list of extensions ranked on popularity/downloads?

Franz do we know you?

I'm new to Flarum! Have sent you a mail with more info.

Ralkage

SHC you can blame autocorrect for last-minute fixes ?

0E800

First off, nice implementation. My Flarum instance was created in an instant.

You gotta love meh !

Im first to own:

https://forum.freeflarum.com/

#winning! #tigerblood

Maybe you want to discuss FreeFlarum or maybe you want to discuss Flarum.

Runners up:

the-forum.freeflarum.com
a-forum.freeflarum.com
ollyollyoxen.freeflarum.com

Expecting a " we regret to inform you.., apologies for the inconvenience.." email eventually. ?

Recommendations:

♦ Add a email verification before the instance is created.
(Wonder how quickly a simple automated python script could pump out random flarum instances)

♦ Make more extensions available.

luceos

Sanguine I'm new to Flarum! Have sent you a mail with more info.

I've also reached out to you via the email address on the site. Was wondering whether you got it at all ?

SKevo

@Sanguine
I have a question. I have noticed, that Bazaar allows users to install extensions to Flarum throught the admin panel (or at least I understood it like that). Wouldn't that be a better way to go?

Sanguine Would love this! Only, how to integrate with a SaaS service? Two issues:

More extensions mean its harder to do central maintenance (upgrades, hack prevention etc).
The ability to add arbitrary extensions opens up a security hole, as unverified users could run PHP code. Soon, the servers will be owned by spammers and phishers 🙂

Yes, I saw that too. But Bazaar is also highly extendable extension. Couldn't it be possible to modify the source code of Bazaar for your needs? You could disable certain extensions that are able to run php codes, etc...
Thank you for adding extensions I sent there btw, someone finally listens to me xD
~~why do I like how you put smiley face after a sentence, that says servers will be owned by spammers and phishers, hmmm ok nvm~~

Neuron

Sanguine
welp adding custom domain is pain in the a**

Sanguine

luceos Was wondering whether you got it at all

It works ? You have mail.

Other subject: I'm not a frontend dev and some people reported that https://www.freeflarum.com doesn't render correctly on "Windows". Could anyone confirm? I just used a basic bootstrap template. What's the best way to verify cross browser compatibility? Learning here ?

duman

Do you use https://www.upcloud.com/ UK servers for hosting? @Sanguine

Sanguine

duman Yes! ? If the service gets enough traction, we could add servers around the globe for better speed in Asia, Australia and the US.

PS. I say "we" but it's just me for now. Would love to work with @Toby and @Franz

duman

Sanguine Okay. That's great but you need to fix some errors in your SSL and system.

https://www.ssllabs.com/ssltest/analyze.html?d=www.freeflarum.com

You get a B. "Solid SSL protection is standard with every forum. No eavesdropping." may be obsolete.

This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B. https://weakdh.org/

This server's certificate chain is incomplete. Grade capped to B.

Best of luck with your project.

Bonus:

If you run a server…

If you have a web or mail server, you should disable support for export cipher suites and use a 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.

Sanguine

duman Thanks for pointing that out. It now scores a beautiful green A ? I could set A+ but that would block Android <= 4 visitors.

https://www.ssllabs.com/ssltest/analyze.html?d=www.freeflarum.com

duman

Sanguine You're welcome!

343151

Sanguine

This server supports TLS 1.0 and TLS 1.1. Grade capped to B.

thunder

Hmm.. I'm just wondering what Flarum.info could be used for now. ?

0E800

@Sanguine

Your site looks fine on Edge and Chrome from Windows 10 x64.

Sanguine

FYI I've just added these fine extensions, see the first post for the total list.

        "flagrow/byobu": "^0.1.1",
        "davis/flarum-ext-socialprofile": "^0.2.3",
        "xengine/flarum-ext-markdown-editor": "^1.3",
        "reflar/user-management": "^0.1.4",
        "sijad/flarum-ext-links": "^0.1.0@beta",
        "reflar/gamification": "^2.0",
        "pladask/flarum-ext-norwegian-bokmal": "v0.1.0-beta.5.5",
        "enver/flarum-ext-turkish": "^1.0",
        "nearata/flarum-ext-italian": "^0.1.0@beta",
        "ahrasis/flarum-ext-malaysian": "dev-master"

Filodz1001

Sanguine
Hi,
Very good job!
Can you add french extension ?

0E800

Sanguine

May you please add:

Landing Page Extension
composer require johnhearfield/flarum-ext-landing-page
https://packagist.org/packages/johnhearfield/flarum-ext-landing-page

Profile Image Crop Extension
composer require wiseclock/flarum-ext-profile-image-crop
https://packagist.org/packages/wiseclock/flarum-ext-profile-image-crop

Flagrow Masquerade Extension
composer require flagrow/masquerade
https://packagist.org/packages/flagrow/masquerade

Media Embed Extension
composer require s9e/flarum-ext-mediaembed
https://discuss.flarum.org/d/647-s9e-mediaembed-embed-videos-and-third-party-content

AutoImage and AutoVideo Extension
composer require s9e/flarum-ext-autoimage
composer require s9e/flarum-ext-autovideo
https://discuss.flarum.org/d/3789-autoimage-autovideo-turn-static-links-into-images-videos

Pages Extension
composer require sijad/flarum-ext-pages
https://discuss.flarum.org/d/2605-pages

In order to prevent users from posting image trackers intending to harvest IP addresses of other users, may you add a Content Security Policy?

Here is my CSP. It allows for youtube, amazon, gravatar, cdjns and a few other site content to be loaded.
If someone tried to embed an tracker pixel hosted on a site that is not included in my CSP, it will not show up and therefore wouldnt work. Something to think about.

add_header Content-Security-Policy
"default-src 'self' https://*.keys-daggers.org https://www.google.com https://*.youtube.com;
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://en.gravatar.com https://cdn.pubnub.com/pubnub.js https://www.gravatar.com https://keys-daggers.org https://pastebin.com https://www.google.com https://www.gstatic.com https://cdnjs.cloudflare.com;
style-src 'self' 'unsafe-inline' https://keys-daggers.org https://cdnjs.cloudflare.com https://netdna.bootstrapcdn.com https://fonts.googleapis.com https://cdnjs.cloudflare.com;
img-src 'self' https://www.gravatar.com https://keys-daggers.org https://unsplash.it https://*.ssl-images-amazon.com https://*.imgur.com https://cdn.jsdelivr.net data:;
font-src 'self' https://keys-daggers.org https://cdnjs.cloudflare.com https://fonts.gstatic.com https://netdna.bootstrapcdn.com;
connect-src 'self' https://*.pubnub.com;
media-src 'self';
object-src 'self';
form-action 'self';
upgrade-insecure-requests;
block-all-mixed-content;";

Sanguine

Filodz1001 Can you add french

Done!

0E800

Great, thanks for the convenient overview. Have added all extensions. Put CSP on my todo.

Felli

0E800 To add to this list I'd suggest adding the below and removing Landing Pages as it has issues with the ACP.

Discord Widget

composer require HugoGit/flarum-ext-discordwidget

Summaries

composer require jordanjay29/flarum-ext-summaries

User directory

composer require flagrow/user-directory