It depends. If your site’s hosted on a server in a particular country, the site content hosted on that server is usually bound by the legislation of that country - for example, say your site was hosted in a country that banned tomatoes (for want of an example), and that country banned any consumption of tomatoes, selling of tomatoes, or discussion of tomatoes, technically your site content could be in breach of the legislation of that country, as your data’s hosted in that country (whether you’d get away with it though’s a different matter).
Is the disclaimer they click yes to at sign up enough to protect me against ‘bad stuff’ (for want of a more technical term).
The short answer’s no. The longer answer is that providing you have a comprehensive terms of use for your site, comprehensive forum rules, and active moderation, your liability is reduced greatly.
I’m not sure of the exact legal position in Australia, but here in the UK, where a site accepts content from the public, a site owner’s jointly liable with the poster for any content posted. The main risk for forums is from the possibility of libel claims. Providing a forum’s being properly moderated though, and members are clear on what’s acceptable and not acceptable (and know that they’re not truly anonymous online and that they’re liable for anything they post), your liability would be minimised.
For example, I ran a forum until earlier this year. It was a medical support forum. At one point a few members decided they’d “name and shame” doctors they didn’t think had treated them properly. If a member had posted something derogatory about a doctor and that doctor had read that on the forum and recognised themself, theoretically they could have sued the member/site owner (me) for libel (there have been documented cases of sites/forums attracting legal action for libel in the past).
Members were initially not pleased when I closed down and removed the thread, and skeptical when I told them they were open to a risk of being sued over it, thinking they were “anonymous”, but quickly changed their minds when I pointed out I had a legal obligation to pass any information requested by law enforcement agencies, and that I wouldn’t hesitate to do so. After that incident I banned any “naming and shaming” and it was written into the forum rules that while members were free to talk about their medical situations, that doctors shouldn’t be named, or any details posted that could lead to a doctor or a hospital being identified. If someone inadvertently mentioned a doctor’s name or a new member named a doctor, a moderator would edit the post to remove any identifying information, and remind the member of the rules, and periodically we’d send out general reminders as part of our newsletter about why we didn’t allow the naming of doctors, and the vast majority of members didn’t have a problem with it. That was a very specific situation though, and we did have a particular problem at one point with members making defamatory comments on the forum - it possibly wouldn’t be such a problem for other forums.
Providing that you’ve got active moderators who quickly moderate inappropriate posts though and you make sure that forum rules are adhered to, you minimise the risk of any problems.
Running a forum’s a fine balancing act between playing bad cop and good cop, keeping everyone logged in and happy and keeping things running smoothly from a technical point of view. Some members aren’t always happy at being told they can’t say certain things, but if they don’t like the rules, they know where the ‘back’ button is.