While good, network security isnt the issue. Its running a web service with open registration allowing randos to upload content that gets processed by the server.

Throw this up on a dedicated $5 VPS and you still have a problem. The default should be manual registration by admins.