SMF Security Tips – How To Secure Your Forum

by Christopher Maiorana

1 Minutes, 52 Seconds to Read

SMF security tips

Managing an SMF forum is not all fun and games, even though moderating your forum can be a lot of fun. You must keep in the mind that your forum is coded in PHP and relies of an SQL database to serve content. PHP is very secure, but there is always a possible for code injection, malicious file includes, or other forms of malicious code and surface attacks. Basically, your forum is not impervious to harm that others might do to it. Nevertheless, there are some easy SMF security parameters you can put in place to put your installation is a good position.

Make sure your business, agency, or reseller clients are always connected and powered on with our optimized Managed VPS Hosting.

Some SMF Security Tips

In this article, you will receive some basic SMF security tips that come in two forms: 1) general knowledge, 2) actionable items. The general knowledge informs you about the basic technology behind your installation, so if there’s a problem you’ll at least know where to look first. The actionable items are necessary steps you can take to harden your site.

Database Vulnerability

Your database itself has its own username and password. Remember that you must never share the database password with anyone who does not have privileged access to the site. If you installed SMF with Softaculous, the chances are the database password is mysterious even to you, which is fine. This makes it less likely that you would share the password without realizing it.

Backup Your Files and Database Frequently

To backup your files, you can use a simple protocol like FTP. This is the easiest way to save a backup of the core SMF files that run the app. And you can easily export your database with phpMyAdmin. With recent backups available you can always quickly and easily restore your site in the event of a hack.

Turn Off File Uploads For Guests

Remember that by default your SMF forum is open to the public, meaning that guests can peruse the forum topics and get information. However, this is where guest participation must end. You are best advised to deny guests the ability to upload file attachments of files of various media types. This will help you avoid remote file inclusion and other exploits.

Learn more about the differences between cloud hosting vs VPS hosting.

CM
Christopher Maiorana Content Writer II

Christopher Maiorana joined the InMotion community team in 2015 and regularly dispenses tips and tricks in the Support Center, Community Q&A, and the InMotion Hosting Blog.

More Articles by Christopher
Related Articles
Changing your logo in SMF 2.0
How to manage your theme settings in SMF 2.0
How to Create Private Boards in SMF
How to install a new theme in SMF 2.0
How to create a new forum in SMF 2.0
Editing your SMF 2.0 Bulletin Board Code settings
How to Install Simple Machines Forum (SMF)
How to locate your SMF 2.0 installation’s database name
How to manage Categories in SMF 2.0
How to configure your SMF 2.0 censored words list

Was this article helpful? Join the conversation!

Need More Help?

Current Customers

Chat: Chat with Sales
Call: 757-416-6575 x2
Ticket: Submit a Support Ticket

Get Reliable Web Hosting

Chat: Chat with Sales
Email: [email protected]
Call: 757-416-6575 x1

Get web hosting that grows with your business. Our all-in-one hosting platform gives you everything your website needs to scale - so you can focus on the next big thing for you and your business.