Hosting Vanilla Forums

Vanilla Forums

Vanilla Forums is an open source forum application and discussion framework. Vanilla Forums was initially released in 2006 and today powers discussion on over 500,000 sites.

1 click installation Vanilla Forums

1 click installation

Easy update Vanilla Forums

Easy update

Backup and restoration Vanilla Forums

Backup and restoration


Community Building
Current version
Last update
28 October 2019

System Requirements

Installation size
80.00 MB
open source
What's new


28 October 2019 - 80MBVanillicon
  • You'll see a new avatar after this update.

Rich Editor
  • Rich quotes of Discussions now display the user profile image.
  • All rich quotes now use the improved expand/collapse UI from reported posts.
  • Multiple images can now be uploaded at the same time.
  • Fix a bug where nested lists in Rich Editor would render improperly after being posted. vanilla#9332

Bug Fixes
  • Fix emoji suggestions not displaying.
  • Update Vanillicon email hashes.
  • Fixed a bug causing javascript not to execute in older browsers.
  • Fix notifications not being sent to participating users.
  • Fix invalid/expired state token error when signing in.
  • Update Twitter addon to use platform's share links.
  • Fix dashboard category name rendering.
  • Improve URL handling in API v2 /media/scrape endpoint.
  • The time formats for some locales have been changed to the 24-hour format in accordance to their locale standards.
  • Fix unicode character handling in "leaving" page links.
  • Fix photo ID encoding in Getty Images embeds.
  • Fix preemptively join conversations.

Read more:


(security release)
4 September 2019 - 80MBSecurity
  • Fix possible request forgery using Facebook Social Connect sharing
  • Fix invitation codes not expiring after use
  • Fix users being able to dismiss a non-dismissable message
  • Fix passing post URL in request when flagging a post
  • Fix enumeration via user availability endpoints in private communities
  • Fix ability to send invitations when site not configured for invitation registration
  • Fix category validation in embedded comment posts
  • Fix ability to manually set ID when creating an invitation
  • Fix quote folding settings not requiring authenticated postback

  • Add React-based embed system (Embedded content gets a major facelift!)
  • Update OAuth2 addon to be OIDC compliant (This may be a breaking change if your OAuth 2.0 provider is not also OIDC compliant.)
  • Fix category validation when moving a discussion
  • Add notifications to users quoted in rich posts
  • Add active user sorting in mention list
  • Fix toggling verified status on user profile not properly refreshing
  • Fix slow pruning of access token tables with a high number of rows
  • Fix changing window hash sometimes causing infinite loop
  • Fix moderation queue alignment on mobile
  • Add re-orienting of images uploaded with media API
  • Add new mobile dropdown style
  • Fix rendering rich posts with empty bodies
  • Fix Emoji support for Windows
  • Update padding in Message component flexible
  • Add route instance caching to RouteHandler
  • Update user content list styles
  • Update error reporting to include E_USER_WARNING

Rich Text Editor
  • Add newline to bottom of editor on click
  • Add alt-text input for images to Rich Editor
  • Fix min length validation
  • Fix editor paragraph positioning
  • Prevent editor crash with mention inside of inline code

Read more:


(major version) (security release)
11 July 2019 - 70MBThis release patches multiple medium severity security issues.

  • Fix invitation limits not being enforced
  • Remove dynamic RemoteUrl detection code to fix XSS vulnerability (note: This could potentially be breaking change for sites that were improperly configured using a method deprecated 7 years ago)
  • Fix potential security vulnerability in serveFile() method
  • Fix Right to Left override character scrambling URL on leaving page
  • Improper Access Control - API V2 media endpoint
  • Fix Path disclosure
  • Publish WordPress addon security fixes
  • Fix unprivileged setting of QnA status when adding or editing comments
  • Add additional rate limiting to some Vanilla sign-in URLs
  • Add rate limiting to SSO connect endpoint

  • Full Content Rendering for Moderation/Spam Queue

Bug Fixes
  • Update media resource management permission to Garden.Community.Manage
  • Fix incorrect editor selection handling
  • Fix Rich Editor responding slowly in some browsers
  • Fix clicking on Rich Editor mentions being able to crash the editor
  • Fix Css bug when creating a spoiler
  • Fix terms of user manager to display properly.
  • Simplify showing and hiding name and password.
  • Fix category following for members.
  • Fix Rich Post formatting while using search without Advanced Search.
  • Fix broken format when reporting a post
  • Ensure users can view their own profile information even if they do not have the moderator level permissions to view other users personal information
  • Fix category discussion type not respected when creating a question.
  • Add boilerplate/keystone theming styles fixes
  • Add state token support to Gdn_OAuth2
  • Add ability to set standard target after registration by invitation
  • Escape the title in Gdn_Theme::logo()
  • Remove file path from some upload error messages

Read more:


(major version)
17 June 2019 - 60MBHighlights
  • New Rich Editor features and improvements.
  • 100s of bug fixes.
  • Many medium-severity security issues reported via our HackerOne campaign are now resolved.
  • Improved default cache headers.
  • Deprecated some old classes, and removed some already deprecated ones.
  • Laid the groundwork for a new drafts & reaction systems.
  • Image upload limits.
  • Improvements to the Keystone theme.
  • Google SignIn.
  • Better SEO and performance w/ the DeferredLegacyScripts flag.

Read more:

Our Web hostings are compatible with
Vanilla Forums


Only the Web hosting

100% SSD Web Hosting
100 GB and +
Multi-site management
Advanced management of EV and DV SSL certificates
Anti-DDoS protection
10 GB of VOD

Learn more

from 5.75 € / month


The complete Web+Mail offer

100% SSD Web Hosting
100 GB and +
Multi-site management
Advanced management of EV and DV SSL certificates
Anti-DDoS protection
10 GB of VOD

Professional messaging
25 email addresses with unlimited storage

Online messaging
Instant messaging
Syncing contacts and calendars

Learn more

from 7.42 € / month

Cloud Server


100% SSD Web Hosting
100 GB and +
Multi-site management
Advanced management of EV and DV SSL certificates
Anti-DDoS protection
10 GB of VOD

2 CPU and +
6 Gb (RAM) and +
100% SSD
100% dedicated resources

Infomaniak manages your server

Learn more

from 29 € / month

Prices in EUR