News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

New to running a forum, what do I need to consider--especially about security

Started by Pene, April 21, 2010, 03:24:52 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Pene

April 21, 2010, 03:24:52 AM
I am setting up my first forum and trying to get everything in place before I enable registration.

What do I need to know and learn about protecting my board...and where can I learn it?
Books, particular links...?

Does anyone have a checklist I should complete before enabling registration? (not just about security)

My topic is a support group for spouses dealing with abandonment and infidelity, so it is not light stuff.

I'd love any feedback, thoughts or ideas anyone may have.

Thanks,
Penelope

Antechinus

#1
April 21, 2010, 04:51:44 AM
Without getting into highly technical stuff..........................

Do not allow html in posts. Do not allow Flash embedding in posts. These are settings under Posts and Topics in admin.

If you are concerned about people's privacy there is an admin option to hide members' contact details from guests. This is handy if someone has things like email or location visible in their profile.

Don't allow guest posting (it's asking for spam) and in particular do not allow guests to upload anything to your server. You may also wish to restrict uploads for new members (I do).

Use a reliable host with a good security record. Use really solid passwords for everything. Don't appoint anyone as staff unless you know them well and trust them.

That should keep you out of trouble.

Pene

#2
April 23, 2010, 04:24:09 PM
Thanks.

I think I'll also allow PMs only after a set number of posts to avoid spam. An smf site I am on was was hvaing a problem with spam PMs recently.

What about mods for things like bad behaviour...anti spam links?

OR should I wait to ad mods until 2.0 RC3 is out of development...will I have to reload any mods at that time?

Antechinus

#3
April 23, 2010, 04:29:30 PM
You will have to reinstall mods for RC4 and Final. Release candidates can't be upgraded via a simple patch. The good news is that the changes from now on should not affect most mods, so updating them shouldn't be a big deal. I would say you're fine installing mods for things you actually need, but I'd try to avoid going overboard on frills until you're more comfortable with the software. :)

Restricting PM's for new members sounds sensible too. 

Spam prevention mods can be found here: http://custom.simplemachines.org/mods/index.php?action=search;type=19

Nickhead

#4
July 08, 2010, 06:51:01 PM
how does one disable the necessity of providing email for guest postings?  with a default name like 'guest' or 'anonymous coward'?

.Org, .Net, .Com
Print
Go Up Pages1
User actions
Advertisement: