Security Precautions for a teen site.

hi all

what security precaustions can i put in place to make my teen site safer? i use vbadvanced along with vbulletin.

thanks

 

detailed faqs on what info not to give out
limit the extent to which new members can interact
have reporting systems in place for suspicious activity
dont shows pictures to guests

 

yeh thats pretty much what i already do, i allow pms but have dissallowed email sending between members.

anyone else got some ideas?

 

Disable html on all parts of your vbulletin website. It's a good idea to disallow guests from posting messages at your board as it also helps in keeping the spam away. Do not use third party modifications unless you trust the coder & make sure that there are no security holes in that modification. I personally wouldn't install the bells and whistles on my forum because "most" of them are grounds to an exploit that could lead to sql injections e.t.c.

I used phpBB before I decided to switch to vB, and on that phpBB board, there was big security hole that I wasn't aware of. They (some russians, perhaps) uploaded a malicious mail bombing script with the help of that exploit to my cache/ directory and sent 1.40 million emails every single day.. I discovered it while browsing my cache & took appropriate actions.. nevertheless I learnt my lesson and moved on.

The most important of all precautions is to update your forum software as soon as the vendor releases an update. Also, do not give admin permissions to anyone. Password proctect your admicp and modcp with htaccess, change the directory name of your admincp/modcp, give appropriate file permissions (644) to your php files.

Thats all I know of at the moment.