Let's be honest, would it really matter? I'd say a large majority of the vBulletin owners here are the "click-and-play" types, who understand as much about security as they do quantum mechanics. They indiscriminately install modifications with no regards as to server load, hook conflict or, yes, even security. Most people who get "hacked" are asking for it. They're generally the forum with the more modifications installed than members.
How can one really be secure without understanding the priciples behind why what they currently have is inherently insecure. At best, you would have a forum of security suggestions where people would simply peruse the thread looking for various step-by-step instructions on how to do something -- not even understanding why it is they're doing what they're doing. I just see the whole thing as a wasted effort, really. vBulletin.org does a decent enough job of trying to keep hacks with security risks under wraps and out from public consumption -- that's really all you can ask for.
You want to be truly secure? Don't run a site. You want to be relatively secure? Run a default vBulletin installation. I'm not trying to be a prick, I'm just being honest.
|