How to run a successful forum: Overall Security

Shawn Gossman

Tazmanian Master
Joined
Dec 16, 2005
Messages
8,071
Shawn Gossman submitted a new Article:

How to run a successful forum: Overall Security

How to run a successful forum: Overall Security
BY: Shawn J. Gossman (www.TheAdminZone.com)

Welcome to another one of my How to run a successful forum articles! In this article, I will discuss forum security and membership security. It is very important to keep your forum, members and staff secure and safe or you forum can fail dramatically and be dead to the internet world. You should use this article as a basic way of maintaining a secure forum for your members and staff. You may post this article on your own website as long as you keep my name and TAZ link attached. This article is copyright 2009 by the original author, myself, Shawn Joseph Gossman.

Securing your forum!

You need to make sure you forum is secure before you start to build your community. A secure forum will step up the level of security for other staff and members as well as guests who visit your forum. Below are simple and basic ways to keep your forum secure and risk free:

  • Rename your Admin Control Panel to something that would not be easy to figure out. This will help keep non-staff members from trying to get into your admin area.
  • Make sure all folders and files have the correct CHMOD permissions. This will help prevent your forum from getting attacked by hackers and other forms on internet terrorists.
  • Make sure your forum is up to date. Make sure you take the latest security and major upgrades so that your forum is secure. Having older and non-updated versions of forum software can open up abilities for cyber terrorist hackers to attack and take over your community!
  • Hide your staff section boards from non-staff members. Don't even show the forum names to them, what they do not know about your staff section , the better security that you have.
  • Hire staff members that you can trust. Be vary careful who you make a main administrator and be careful who you give ftp and password/cpanel access to.
  • Remember to backup your forum regularly so you have a backup in case the worst happens. You should at least backup a few times a week so that you can restore content and members if you need to.

Staff Member Security

Another great way of keeping your forum secure is by developing a great security within your staff community. Below are some basic ways to make sure you have a secure staff structure.

  • If you have the feature to force staff to change their password every so often, enable this feature!...

Read more about this article here...
 
Last edited by a moderator:

host1plus

Aspirant
Joined
Aug 18, 2009
Messages
13
Thanks for this security resume.
But maybe it is possibility to see some ratings about various forum boards, systems?
 

Meatwad

Aspirant
Joined
Sep 29, 2009
Messages
10
This is a very nice set of guidelines and was a good read. Thank you for this detailed guide!
 

ernesthemingway

Neophyte
Joined
Oct 6, 2009
Messages
4
One thing to also keep in mind, is if your site does (god forbid) get hacked, it's important that your user's passwords can't get decrypted.

Using a salt in the encryption algorithm drastically reduces a hacker's ability to reverse the encryption hash.

Also, try to avoid MD5. MD5 is by far the easiest hash to decrypt. Try to go with SHA256 / Whirlpool, or even better, a combination of these.
 

Keitho

Aspirant
Joined
Sep 26, 2009
Messages
33
I tried renaming my Admin folder in my File Manager for my forum software Then i couldint access it even with the new name etc...
 

ernesthemingway

Neophyte
Joined
Oct 6, 2009
Messages
4
I can't say for sure without knowing what forum you're using, but you may want to check the .htaccess file in your root public_html directory.

If you see anything that looks like /admin/ just change it to /newfoldername/
 
Top