MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > My-bb security noob q's. (right forum..?)
Full Version: My-bb security noob q's. (right forum..?)
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Ethan-27

2011-02-19, 06:45 PM
Hi guys

Absolutely loving mybb, first day on it today and it looks and feels great.

This is the first forum/website Ive ever started to do and was wondering about the security side of things. Are there any general rules of thumb I should stick to e.g naming of certain folders, plugins available etc when using mybb...?



Thanks

Sajuuk

2011-02-19, 06:48 PM
Your site is only as secure as you make your passwords. If your passwords are easy to guess, then you will be hacked easily.

Rename the admin folder to something else and hide admin cp links so even if a hacker gets access to your account, he can't get to the AdminCP.

Install the Fake AdminCP plugin by Zash as another line of security.

Make sure that before you install plugins, there are good reviews about them and that they have been coded by respected members and staff.

Steven

2011-02-19, 06:57 PM
Here's a MyBB Blog post on the matter, Zash's Fake Admin CP modification, and Zash's "Six Methods to Protect Your MyBB Forums" tutorial post.

Diogo Parrinha

2011-02-19, 08:53 PM
You can also install MyProtection, it will make sure that if you get hacked, the hacker can't do much. (it will try to restrict the hacker's actions)

Ethan-27

2011-02-20, 06:11 AM
Thanks guys.

I'm gonna have a good look at the plugins in today and do some in depth reading about it.

I dont really have a clue how to hide cp links and as for passwords I only have one which I login with.

This is all very helpful info guys

Joshua Mayer

2011-02-20, 08:48 AM
(2011-02-20, 06:11 AM)Ethan-27 Wrote: [ -> ]I dont really have a clue how to hide cp links...

In ./inc/config.php, find $config['hide_admin_links'] = 0; and change it to $config['hide_admin_links'] = 1;. This will hide the admin panel link when you are logged in as admin.

Ethan-27

2011-02-20, 10:47 AM
Thanks Josh for all your help, what is the admin panel link and why is it dangerous...?

Does it consist of sequence in the address bar that never changes...?

Joshua Mayer

2011-02-20, 10:56 AM
The admin panel link is just a link to that ACP that is shown when a admin is logged in. It's not necessarily dangerous, but you can hide it, so if someone does manage to find your password, they won't be able to find the admin panel.

Ethan-27

2011-02-20, 06:42 PM
(2011-02-20, 10:56 AM)Joshua Mayer Wrote: [ -> ]The admin panel link is just a link to that ACP that is shown when a admin is logged in. It's not necessarily dangerous, but you can hide it, so if someone does manage to find your password, they won't be able to find the admin panel.

Thanks Josh
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > My-bb security noob q's. (right forum..?)