Securing Your Board

As with any service on the Internet, zIFBoards and ZetaBoards can be broken into. A secure board is the first step to making it successful. There are several steps that you can take to help secure your board.

Secure Passwords

Having a secure password is one of the most vital things to do when securing your board. Passwords should contain letters, numbers, and symbols and should be 7-8 characters or longer. Passwords should never be told to anyone and should not be guessable, such as your favorite pet's name. See our guide on Choosing Good Passwords.

ZetaBoards staff will never ask for your password. If somebody claiming to be part of our staff asks for your password, do not tell them. Instead, please open a support ticket to notify our staff of this.

Email Accounts

Because of the Forgotten Password function of your board, the password to your email account is just as critical as the password of your board. If a cracker gains access to your email account, he or she can use it to create a new password for your admin account and can destroy your board. To avoid this, use a strong password for your email account. Never use the same password for both your board and your email account. One other thing to consider is using a secure, hidden email address for admin or moderator accounts. Because email accounts can be accessed using the Security questions like “Mother's Maiden Name” someone may be able to access your account using information you've posted online. They can't do that if they don't know what email address is connected to the account.

Choosing Trustworthy Staff

Choosing trustworthy staff is not only needed to create a successful forum, it is needed to ensure the safety of your board. A rogue admin could ruin years of work that you have put into your board in a matter of minutes. The most important thing you should have with the staff you select is trust. The staff you choose should be people that you would trust with your car or credit card, as well as your board. Your staff should be relatively active on your board.

Who To Avoid

There are some members that you should avoid making staff. Members that have left and joined your board several times do not make good administrators. Members that break or have broken many rules usually are not a good choice. Sometimes people will join your board with the sole intention of becoming an admin, rather than actually being interested in the forum. These members usually are not good administrators, and therefore should be avoided.

The following section of this documentation applies to zIFBoards only.

You should never give out links to any areas of your Admin CP. In rare cases, some specific links (specifically the part that looks like ?adsess=672b8176…) can grant an attacker access to areas of your Admin CP that could prove to be disastrous. An easy way to prevent attacks such as these is to simply never post links to any area of your Admin CP.



security.txt · Last modified: 2016/01/04 10:20 by Nicolas