Support Forums

Full Version: Forum Security
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
As a new forum owner I have alot of things to worry about. But the foremost at this time is security.
I have recently been experiencing a burst in traffic, members, and posts. I think it's time to start some preventive measures against attacks and other such things.

Where would be a good place to start?

http://www.monetizationforums.com
I've made lots of posts about security. There are 3 basic levels. Server, Services, and Site. The 3 S's. Smile

At server level you're required to have a VPS or dedicated. You'll need to run a kernel based firewall.

At services level there are mods for apache like mod_security and suhosin. I also like mod_geoip. This will allow you to block by country very easily.

Then there is site level. You can begin with htaccess. Also make damn sure your site software is updated and that you don't use anything that could create a security hole.

Security is multidimensional. For some it's DDOS prevention. For others it's injections and intrusion. Do you have a focus?
I personally think my main focus is to prevent injections and intrusion. If my site is ddosed that's a temporary annoyance. If my forum gets deleted that's a whole other story.
Quite curious to learn more information relating to the Kernel based firewall, is it possible to pick one of these up for free?