Like most sites, I sometimes get idiots trying to break in.

VB lacks decent security audit logging or alerting.

I would like to be able to review the following events in the CP.

All invalid user/password attempts in last n days, with time/date and IP address used (then I can report this to their ISP).

Any attempts to access forums or do other things without permission.

List the IPs a user has used, even if not posted from them.

In addition, any failed attempt to guess an administrator or moderator password should be immediately Emailed to that person.

More advanced features such as forced password change intervals for admin/mods (ie required to change after n days) would be great. And password content rules would help.

All in all VB security is a little basic right now..

Check out the "adminlog" table. (probably in something like phpMyAdmin)

That log would show successful admin hacking. I want to see unsuccessful hacking attempts so I can stop it before it happens!

It would be nice, once in a while, if a suggestion was answered as "good idea, thanks - we'll add it to the next version"...!

The idea gets my vote - definately the 'access to admin' password/username. I guess this would be fairly simple to hack - put in a request in the hacks forum.

Thanks pilot. I do believe if you look back in history you will find that a great portion of v2.0.0 was brought about by user suggestions.

I know - I registered here in April 2000 and made some of those suggestions. Finally got around to migrating from UBB this month and in general I am very pleased with the result.

BTW - are there any VB "hacking" (the good sort) sites - the equivalent of ubbdev.com around?

www.vbulletin.org