Create profile question in admin and name it "Please put a check in the box" (or whatever). Done, automated spammers can't check the box on the sign-up page where the question is. Wasn't sure it this was shared already.
Thanks. Im not sure I understand what you mean by alias. Can you give me some hints and I will go research...
In a nut shell ... in Apache you can set up an alias in the httpd.conf file, I don't know anything about Lightspeed. Hacker web bots will scan your site for vulnerabilities eventually (disable indexing). Most are looking for WP site, no need to worry about them. But when they start scanning for phpmyadmin (check server logs), and you've taken no actions to protect it, you could possibly be in trouble if it's somebody who knows what they're doing.
When you create an alias, all your doing is renaming the phpmyadmin directory. Give it some crazy name no one will think of. There should an alias setting in your web server config file, you'll have to change the name there to match the name of the phpmyadmin directory.
As for disabling indexing on your site, see Apache example below (found in web server config file). The "-" sign in front means the option is disabled, no "-" means enabled.
Options -Indexes FollowSymLinks -Includes ExecCGI
Do all you can to protect your site ... but nothing %100 effective, just ask Facebook or twitter.
What basic measures do you take to protect your SE site? I'm running my site on Linux CentOS with Litespeed web server.... Looking for pointers in any of the following areas....
.htaccess settings MySQL: are there permissions that can be revoked from the SE user account? File permissions, which directories to lock down? Any other general, basic security tips appreciated... reps given too of course!
I'm on a totally different setup ... Windows, Apache. See if any of these tips help. Someone with a similar setup can probably help you better.
Use an alias on phpmyadmin. Disable indexing. Make your .htaccess files read only. Set your web server up to not allow anyone outside of your www directory. Password protect phpmyadmin (no brainer)
There are tutorials all over the internet on how to secure your web server. Some of the measure you find may be good for some, but not all websites. Before going live with a new security tip, test it ... because it just might shut your site down or cause something to stop working.
I agree with SPQR, your desktop specs aren't going to cut it on a live site with traffic. I'm still on my first server which I built two years ago, and no where near capacity. The only bottle-neck is the connection, 27Mb down, 7 up. The connection starts to slow down at 450-500 users online. CPU usage 1-3%, memory 12% usage.
MB - ASUS Z8NA-D6C
Mem - 16Gb Kingston DDR3 (Server)
240Gb OCZ SSD
x2 Intel Xeon E5620 Processors (12Mb Cache)
All the resources listed here are just for testing purpose and they shouldn't be used at any commercial environment without a valid license. Those are for users who wants to try them before buy. Help the developer to build it better by purchasing them from original authors.