Keep your SMF version up to date and be on the lookout for security updates. You can also heed the following advice.
Password Security
Be sure to change your passwords often and don't use the same password for everything. You should have different passwords for each of the following.
- FTP
- Database (MySQL, PostgreSQL, or SQLite)
- PhpMyAdmin
- SMF Administrator Account
The most important password is the database password. This is the same password you use with PhpMyAdmin or any other database management control panel. This password is stored in the Settings.php file. Don't re-use this password for your FTP or your forum administrator account.
Additional Password Tips
- Make sure your passwords are difficult to guess. You can do this by making sure your passwords do not relate to you (i.e. your spouses name), by mixing capital and lowercase letters with numbers, and by using special characters where applicable.
- Frequently backup your database and FTP files and make sure you understand how to restore these backups.
- Delete temporary files such as install.php, converters, recovery tools, etc.
- Delete any login failures made by administrators from the error log.
- Do not allow guests to upload anything.
- Do not allow .exe or Flash files to be uploaded or displayed.
Main
Configuration
- Core Features
- Features and Options
- Security and Moderation
- Languages
- Server settings
- Current Theme
- Themes and Layout
- Modification Settings
Forum
Members
Maintenance
Miscellaneous
- Security Tips
- Building Your Community
- Performance enhancements
- Modifications - A mod broke my forum what should I do