Keep DNN Up to Date
The single most effective way to protect any DNN website is to upgrade regularly.
DNN’s Security Centre will highlight known vulnerabilities for each version, but even when none are listed, staying current is still best practice. Frequent updates not only patch security issues but also prevent the difficult situation of needing a major upgrade urgently when a vulnerability is disclosed.
Regular updates also ensure your site benefits from performance improvements, bug fixes, and new features that streamline management.
Remove Telerik Components for Good
Telerik has been a long running security concern in the DNN ecosystem. Although patches were released over the years, some vulnerabilities persisted simply because the libraries were present on the server.
Key milestones in resolving this issue include:
- DNN 9.8.0 introduced full support for removing Telerik.
- DNN 9.11.0 stopped shipping Telerik for new installs and automated removal in upgrades.
- DNN 10 (2025) now requires removal of Telerik during the upgrade process.
Use Cloudflare for Additional Protection
Even when a site is securely configured, adding a protective layer before traffic reaches the server is extremely valuable.
Cloudflare’s Web Application Firewall provides rules that specifically mitigate historical Telerik vulnerabilities, along with a range of broader protections. Even the free plan offers meaningful improvements in:
- Security
- Speed
- Reliability
For legacy sites or those undergoing a clean-up, Cloudflare can significantly reduce exposure.
Run Regular Security Audits
The DNN Platform includes built in tools that help identify common misconfigurations. These tools help check for:
- Unsafe file permissions
- Insecure server settings
- Out of date modules
- Unused or risky accounts
- Other configuration issues
This makes it easier to spot weaknesses early and address them before they create problems.
You can review the security settings of your DNN website by clicking on the security link as show in the image below.
Review Host and Super user Accounts
Host (Super User) accounts hold complete access to the site. Because of this, they should be tightly controlled.
Use DNN’s security tools to:
- Review last login information
- Remove unnecessary accounts
- Rotate or update credentials
- Ensure MFA is used where possible
Restricting access is one of the simplest and most effective ways to reduce security risk.
Manage Third Party Extensions Carefully
Extensions provide powerful functionality, but they are also a major source of vulnerabilities. To keep your site secure:
- Keep all extensions up to date
- Remove extensions you no longer use
- Replace outdated modules with supported alternatives
- Check extension change logs for security patches
A lighter, cleaner installation is faster, safer, and easier to maintain.
Summary
A secure DNN site in 2025 depends on consistent, proactive maintenance. Staying updated, removing legacy Telerik components, reviewing extensions, and using security audits all contribute to a strong baseline. Also adding Cloudflare provides an extra layer of defence before attackers ever reach your server.
The good news is that DNN remains a robust and secure platform when managed properly. The challenge is simply staying ahead of emerging threats. If you want peace of mind knowing your platform is secure and maintained get in touch today and let our DNN specialists take care of everything.