• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Xenforo Security and Hosting

borbole

Well-known member
#4
Your recommendations for best Xenforo setup and hosting requirements for hi-end xenforo security.
XenForo in itself is very secure. There has never been a security vulnerability found in its code.

That being said, regarding the host, have a look around at webhostingtalk.com.
 

florencia

Active member
#5
If you had a forum for ex presidents of the United State for example. You would like their forum threads be very secure. How would you recommend setting up Xenforo ?
 

florencia

Active member
#7
I think close registration is the best option as well. Do you need to have private nodes even if you have close registration or it makes no difference at this point?
 

oman

Well-known member
#8
I think close registration is the best option as well. Do you need to have private nodes even if you have close registration or it makes no difference at this point?
Depends if you want to restrict viewing to a whole usergroup or just a few people...
 

oman

Well-known member
#11
Maybe it wasn't clear. Does nodes provide an extra security level to the close registration?
Nodes are only forums/sections you add. Permissions on those nodes would add an extra security level.

You can also close your board so only administrators can access it: Options >> Board Active.
 

Tracy Perry

Well-known member
#13
What is your budget for hosting? To "secure it" I'm assuming you want DDOS services, management of the server and forum management? Hope you got some big bucks handy for the site.
Two factor authentication goes a long way towards securing it.
I use it for the sites and also to lock down SSH access to the servers (in addition to using keys).
 

florencia

Active member
#15
What is your budget for hosting? To "secure it" I'm assuming you want DDOS services, management of the server and forum management? Hope you got some big bucks handy for the site.
Two factor authentication goes a long way towards securing it.
I use it for the sites and also to lock down SSH access to the servers (in addition to using keys).
Tracy, I will reply more in detail about our project in private message.
 

WSWD

Well-known member
#17
The only 100% secure solution is not putting it on the Internet. If it's on the Internet, regardless of what it is or what your budget, you're leaving yourself open to vulnerabilities. You just have to deal with that.

When you set up a server, just have a really good admin team go through and lock things down. I would recommend a place like Rack911. They are REALLY good at management and security. The absolute most secure would be a co-located server, with brand new drives that you purchased yourself and and were never used before.
 

Tracy Perry

Well-known member
#18
It's "fun" doing it yourself. I just got through setting up 3 VPS's on my new server and between CSF, Munin, SSH 2 factor authentication and a few other things I'm about ready to call it a night. :eek:
I've been waiting on a RapidSSL certificate notification to show up but hit hasn't yet so I'll have to wait until it hits for me to use it.
 

Floren

Well-known member
#20
I'm looking for top security bro! Starting from a dedicated or collocation or managed. Best setup to make xenforo secure for members.
Hire a consultant to setup securely your servers. None of the hosting providers I know have deep knowledge on a secure setup, all they care is to sell you the bandwidth. Not to mention a Linux distro was never designed to be secure from the start, as it was never designed to run web services.