- Use HTTPS! HTTPS is key if you don't want MitM attacks happening. Many services, such as StartSSL and Let's Encrypt, provide free SSL certificates.
- Use a separate MySQL user just for SourceBans. Don't use the root MySQL user with SourceBans; make a separate SQL account that only has access to the SourceBans DB.
- Make sure you do regular backups of your SourceBans Database.
- Trust your admins: don't give admin access to your server(s) to a random stranger or a person you don't know.
- Keep Steam OAuth-only login on.
- Open an issue on the GitHub repo with all necessary info. (DON'T PUT HOW TO DO THE ACTUAL ATTACK, JUST THE IMPLICATIONS)
- If possible, open a Pull Request with a fix for the security hole, following the instructions in CONTRIBUTING.md.
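
For the separate MySQL user recommended above, one way to set it up is sketched below. This is an added example, not taken from the SourceBans project. The database name `sourcebans`, the account name `sourcebans_web`, the `localhost` host and the exact privilege list are assumptions to adjust for your install.

```sql
-- Assumed names (not from the SourceBans docs): schema `sourcebans`,
-- account `sourcebans_web`, web panel running on the database host.
CREATE DATABASE IF NOT EXISTS `sourcebans` CHARACTER SET utf8mb4;

-- Dedicated account, reachable only from localhost. Use a long random
-- password that is not shared with any other account.
CREATE USER 'sourcebans_web'@'localhost'
  IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD';

-- Privileges are scoped to the one schema: no global (*.*) grant,
-- no GRANT OPTION, no FILE, no SUPER. The schema-changing privileges
-- are included on the assumption that an installer or updater needs
-- to create and alter tables.
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP
  ON `sourcebans`.* TO 'sourcebans_web'@'localhost';

-- Once installation is finished, the schema-changing privileges can be
-- dropped, assuming day-to-day use only reads and writes rows.
-- Grant them again temporarily before running an upgrade.
REVOKE CREATE, ALTER, INDEX, DROP
  ON `sourcebans`.* FROM 'sourcebans_web'@'localhost';

-- Check 1: the only lines listed should be USAGE on *.* and the grant
-- on `sourcebans`.*.
SHOW GRANTS FOR 'sourcebans_web'@'localhost';

-- Check 2: every global privilege flag for the account should be 'N'.
SELECT User, Host, Select_priv, File_priv, Super_priv, Grant_priv
  FROM mysql.user
 WHERE User = 'sourcebans_web';
```

If the web panel or a game server connects from another machine, create the account for that specific host instead of `'%'` so the credentials are only usable from where they are needed.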