- It would be preferred to run your server on a Linux system, behind a strict firewall, and not on an internal home network where other computers are present.

- Always use DoS protection. Some devices list this as a feature, but as if! The more resources you have, the better off you will be. Never respond to ICMP pings. DoS is a very dangerous tool on the internet, and you have legal rights to incriminate those who do this to you (as far as US law goes).

- Never "OP" someone unless you trust them to the extent of the privilege. I would have to say that 90% of the issues I have seen with server "griefings" are premature decisions in rank-ups.

- It's the golden rule! Never allow guests to build, unless there are specific areas you-and your players-don't really care about.

- Never allow OFFLINE mode, and if you feel a need to then use authentication protection like xAuth. (Just throwing a name out there, not supporting)

- Always download plugins from the dev.bukkit.org website, and don't be fooled by embedded links into other download locations.