SMF 2.x Security and Moderation Settings - General

Started by Skhilled, February 13, 2011, 11:19:00 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Skhilled

These are some of the most important settings to help you fight against spammers, hackers and trouble makers.

The green "Check" listing tells you what setting you should check or have ticked.

The red "Uncheck" tells you what should be uncheck or have unticked.

The bold "Other" is for settings that do not have a checkbox and will be explained in detail.

1.  Go to Admin -> Configuration -> Security and Moderation -> General:

Check:
Do not reveal contact details of members to guests - Obviously, with this set you will not allow guests to view personal info about your users. A VERY good thing!

Enable error logging - Turns your forum's error log on so you can keep track of what is going wrong with your forum.

Require reactivation after email change - Logs email changes and verifies any email changes via the user's email server.

Enable reporting of personal messages - Allows members to report troublesome users, spammers who send spam via PM, etc.

Uncheck:
Allow viewable email addresses - Checking this will allow the email addresses of your users to be seen by normal users and guests (bots, spammers, etc.) This does not override the setting in a user's profile. It is highly suggested that you tell your users to not allow others to view their email address or otherwise make it public.

Disable administration security - Leaving this unchecked, disables the additional password required when entering the admin section. If you have moderation logging enabled, whoever logs into the admin will be added to the log and any changes will also be logged.

Other:
Failed login threshold - The number provided here will send a user to the Password Reminder screen after so many failed attempts. The default is 3.

Required strength for user passwords - The 3 settings are low, medium and high. I highly suggest that you set it to medium (cannot use your user name in your password) or high (must use a mixture of different characters to make it harder to decipher). Your choice.

Skhilled

This is now an article which can be found in the SMF 2 Security block and has been updated. :)