Here's some things you can do to increase the level of security for your forums:
1. Always upgrade to the latest stable version.
2. Password protect your fusion/cp directory using .htaccess/.htpassword
http://www.javascriptkit.com/howto/htacc...
3. Make sure the fusion/install directory is NOWHERE on your website after you upgrade or install.
4. Make sure all the Admin and Mod passwords are secure. Change them if you have any doubts. And use hard to guess passwords.
5. Make sure ONLY TRUSTED MEMBERS can do following. Limiting access to these helps prevent file type change hacking
in Forums Permissions
- Can Use HTML in Posts
- Can Attach Files to Posts
- Can Attach Multiple Files to Posts
- Can Use Lightbox
In Control Panel Permissions
In Site Permissions
- Can Use uploaded avatars
- Can Attach Files to Private Topics
- Can Attach Multiple Files to Private Topics
6. NEVER allow HTML in posts, PMs or in sigs.
7. If you have phpMyAdmin make sure it's password protected.
8. If you suspect a hacking attempt, ask your host to change the login password for your web account.
9. Make absolutely sure there are no viruses, trojans or keylogger spyware on your PC. Any of these could steal your password and other personal info.
10. Use a different password for each forum you sign up with. Use a different password for your forum as you do for the .htaccess directory password.
Note your forums are only as secure as the passwords you use and the server it is on. If the server is accessed then there's nothing Fusion can do to prevent potential security violations.
