The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
After install security
I just installed my first VB and I'd like to know what settings to change right out of the gate that will increase security and anything else I need to know.
I've been reading everything so far. thanks |
#2
|
||||
|
||||
Use the password protect with .htaccess in /admincp
Don't use unsafe mods that might have a possible exploit. |
#3
|
|||
|
|||
Where is that file?
|
#4
|
||||
|
||||
It's easy, really:
- Password protect your admincp and modcp directories with .htaccess, or with cPanel if available. Also renamed the directories, for example "forumacp" rather than "admincp". After doing so, edit your includes/config.php file. - Only give administrator/moderator permissions to people you trust. - Install as few modifications as possible, and only install stable ones you feel you need. - Don't spam other forums or rip content (you never know who might take offense). - Turn on CAPTCHA, and consider a hack such as "NoSpam!" for further protection. - Learn basic PHP and MySQL; If there is a problem, you need to at least understand the error message. - Always upgrade to the latest version as soon as it becomes available, and consider taking the board offline briefly if you do not have time. - Check up regularly on vulnerability sites such as milw0rm.com for possible vBulletin security issues. And of course, after installation remember to remove the install directory. Hope it helps. |
#5
|
|||
|
|||
Yes, thanks! Is there a good book that covers basice PHP and MySQL for beginners so I can get my feet wet?
|
#6
|
|||
|
|||
What's CAPTCHA, what's it do?
And how you get there? I'm curious. This thread made me curious about some things. |
#7
|
|||
|
|||
Captcha is default enabled by vbulletin, you can find all of its options in the vbulletin options. It is the numbers you enter upon registration.
|
#8
|
|||
|
|||
Ohh, that.
I turned it on. So, why should you password protect the mod and AdminCP? I mean, you want admins to enter passwords twice? |
#9
|
||||
|
||||
What happens when there is an exploit in the ACP? You're screwed. That's why you use the htaccess protection. Also, I would suggest having different passwords for the htaccess and user itself.
|
#10
|
|||
|
|||
Alright, I do see your point.
I'll fix it. |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|