Alternatively, would it not be possible to simply rename the main page to something obscure? Provided that it is not possible to browse the server folders, trawling for filenames, then if the forum page (or, better, the entire forum folder) was named xztkuyt.php (or something like that) and not linked to outside of here, the chances of anyone getting into it would be very small indeed.
Naturally, I'd want to see someone who knows more about web security than I do confirm that this would work before it was put into action. (Mark? Is that one of your areas?)