Should my board use Tapatalk?

Tapatalk is a service that lets users interact with bulletin boards using mobile devices. Rather than going to a bulletin board with a mobile device’s browser, users can use a Tapatalk app instead.

Tapatalk’s app supports phpBB as well vBulletin, IPBoard, kunena, myBB, WoltLab, SimpleMachines and xenForo. Used with phpBB, you must install a Tapatalk extension downloaded from its website and configure it. If you have an older phpBB 3.0 board, a Tapatalk modification can be installed as well.

Tapatalk provides a common interface for accessing all these forum solutions. This makes things simpler for users if they frequent lots of forums, not all of which are phpBB, providing these forum solutions also integrate with Tapatalk.

In addition to providing a common app, more recently Tapatalk has started hosting their own forums which you can use, called Tapatalk Groups. This has some advantages: they maintain your bulletin board, and host it as well, so it’s effectively free hosting. Users use their app to interact with it. You may be able to import your phpBB bulletin board and create your own Tapatalk Group.

Tapatalk Groups have certain advantages. It’s mobile first. You can integrate donations to fund your board because it’s built into their architecture. But it will serve ads, which is how they normally monetize their service through donations. You can use its built in donations feature to help monetize your board. Spam protection is built in and some customization of the group’s look and feel is available. It’s also cloud hosted, making access very fast with extremely high uptime.

When used with phpBB, not only do you install their extension, but you must also upload a mobiquo folder to your board’s root directory. Most of the work between phpBB and Tapatalk is done by libraries in the mobiquo folder. Your users don’t have to use Tapatalk, but could access your board using a browser as well.

Tapatalk allows you to create a branded app, but they charge for this service. This allows people download your app, not a Tapatalk app per se. They would find the app in the store for their mobile operating system under your brand name. This obviously can simplify things. To access your board, people simply open your branded app.

About twenty percent of my clients have Tapatalk installed. These days, Tapatalk seems less useful. This is because phpBB is now responsive, i.e. you can use a browser on your mobile device to access phpBB and it will size down intelligently for the device’s screen size. Most styles for the old phpBB 3.0 software were not responsive, meaning boards were often be hard to read because they were scrunched down so much to fit the narrow screen width. You had to pinch to zoom in and read content in many cases.

Still, some would prefer to use an app optimized for bulletin boards rather than a mobile browser. For these people, using Tapatalk might be a preferred solution.

You won’t find Tapatalk as one of phpBB’s approved extensions. Why is this? It’s because their mobiquo library is proprietary software and works independently of phpBB’s software, so it violates its GPL-2 license. This makes it ineligible for inclusion in their list of approved extensions.

Also, the Tapatalk app provides a standard user interface, but it won’t reflect your board’s style. You can make posts, create topics and make attachments to posts, but any additional features made available through phpBB’s extensions cannot be used. So you won’t get the same experience with a Tapatalk app that you will get interacting with a web browser.

If you install the Tapatalk extension, be aware that it works outside of phpBB and may introduce problems.

Using unapproved extensions is dangerous

As more phpBB extensions are developed, they are becoming more popular. Extensions add functionality to phpBB beyond what is available by default. Based on my work with clients, most have extensions installed, so I factor them in when updating or upgrading their forums. They often need to be upgraded as well when a forum is upgraded or updated.

The phpBB Group maintains a database of approved extensions. Both the phpBB Group and me recommend that if you install an extension that you only install extensions downloaded from this database. This is because approved extensions are quality checked by the phpBB Extensions Review Team. The team thoroughly inspects the extension and ensures they adhere to all coding standards as well as use best practices to minimize security issues. An extension typically goes through a number of reviews before it is accepted, if it is accepted. So you can have confidence that if you download an official extension it is of high quality and secure.

If you are not familiar with how to install extensions, the instructions are on the Manage extensions page: ACP > Customise > Manage extensions.

Unapproved extensions fall into two categories:

  • Extensions in development
  • Third-party extensions

Extensions in development

Extensions don’t appear out of nowhere. Like all software, they go through a development process. You can see a list of extensions in development on that forum. The topic title is prefixed by the state of the extension in brackets. Links to the extension for downloading are in the first post. If you have feedback on the extension, you leave it as a post on the topic.

The phpBB group has extension authors self-certify the quality of the extension they are creating. This is similar to other software. The levels from most risky to least risky are:

  • [DEV] – Development – the extension is very recent and is being issued for feedback and to refine features. It should only be used on a test board.
  • [ALPHA] – Alpha – The extension is no longer in development. The feature set is largely set and the code quality has been refined. Traditionally an alpha release has meant that it is to be used “within an organization”. Alpha release testers are expected to provide feedback and significant bugs and security issues may be experienced. “Within the organization” has no meaning with phpBB so it simply indicates it’s out of the principle early development phase. Using it on a live, production board is quite risky and definitely not recommended. A download link is usually provided.
  • [BETA] – Beta – The extension is designed to be used and tested by a larger group of people. There may be significant bugs and security issues. It should not be used on a production forum, but the code quality should be pretty high at this point and most bugs should have been addressed. A download link is required.
  • [RC] – Release candidate – Most of the bugs have been found and fixed. The release candidate could be submitted for formal review for inclusion as an extension if no more issues are discovered as a result of testing. The extension should be stable with no more features anticipated. Using it on a production forum is not recommended, but if you choose to do so anyhow it is likely to work as intended and not show any problems. Release candidates are submitted to the phpBB Group extension review team at the author’s discretion.
  • [CDB] – Customise database. You will see this in the Extensions in development forum. It means that the extension is approved. There should be a link to take you to its official page on The topic is locked.
  • [ABD] – Abandoned. The extension author abandoned work on the extension. It is not approved, should not be used but some other extension author could take up working on the extension. These are placed in their own abandoned extensions forum.

There may be multiple versions of the extension in each phase. Generally extensions in development start with 0.1 and as an extension reaches Alpha or Beta stage it becomes 1.0. But there is no fixed standard for version numbers other than the PHP Composer guidelines. The extension is usually suffixed by the build quality, ex: 0.1.0-dev. The extension is usually downloaded from GitHub.

Third-party extensions

Third-party extensions are usually developed by commercial companies and typically tie into existing products outside of phpBB. Companies can submit their extensions for review by the phpBB group but usually don’t. This is because a review is time consuming. It can take months to get a review, then multiple issues must be fixed, and the extension resubmitted. This is not agile enough for many companies. In addition, the phpBB Group frowns on software that does not use an open source license. Many third-party extensions are issued with open source licenses but tie into products or services that are not.

When you use one of these extensions, you are assuming significant risk. Obviously, these companies don’t want their reputation besmirched, so generally they will take the time to write a quality extension and possibly adhere to the coding standards for extensions. But since in most cases they aren’t approved extensions, they are risky because they were not reviewed by the phpBB group to ensure their quality. They are typically downloaded from the company’s website or from their GitHub page.


Tapatalk is a smartphone app that allows you to use the same user interface to access multiple forums, phpBB or otherwise. Prior to phpBB 3.1 the Tapatalk modification was widely used because styles for phpBB were not responsive, i.e. did not resize intelligently for mobile devices. Since phpBB 3.1, approved styles must be responsive, so users can use a browser on their smartphone to access the forum without the hassle of the past. Still, many people like the convenience of using one app to access multiple forums, so Tapatalk developed an extension. It creates an interface between phpBB and the Tapatalk app.

This extension is not approved and likely would never be approved by the phpBB Group. Why? When you install the extension, although an interface is seen in the /ext folder as usual, there is also a /mobiquo folder installed in your forum’s root directory. The software in the /mobiquo folder does most of the work of communicating between phpBB and the Tapatalk app. Tapatalk is available for other forum solutions too, and they use a similar architecture. The /mobiquo folder does all the data munging, so it is unique and proprietary. phpBB’s extension architecture requires that all extensions work within the /ext folder. Since Tapatalk doesn’t do this and its data munging is proprietary, it’s unlikely to ever be approved. It’s clear that Tapatalk developers don’t want to try.

More importantly, Tapatalk injects a major vulnerability in that it can bypass phpBB’s functions that do important work like posting to the database. This makes it dangerous. You should encourage your users to use a mobile browser instead of Tapatalk to access your forum. Ideally, you should disable and uninstall the extension.


Cleantalk is an antispam service. Cleantalk’s extension for phpBB is approved, but it’s very old (2016 as of this writing). It may be that a newer version of the extension has been submitted for review, but the version on probably won’t work on phpBB 3.2. If it does, it’s missing many features. So as a practical matter, if you use Cleantalk you will want to get its most recent published version off of GitHub. Just bear in mind it’s a version that has not been approved by the phpBB Group, so using it may be risky.

Proprietary style user interfaces

Many proprietary (paid) phpBB styles come with a user interface that makes it easier to customize the style, doing things like changing background colors easily, swapping in different logos, changing fonts, etc. Because these styles are proprietary, they are not free and thus not allowed on the list of approved styles for phpBB. Consequently, extensions bundled with their styles are not approved as well. Using a proprietary style incurs some risk by itself. Using an extension used to manage the style adds additional risk.