We're running a root server here in Germany and our site (of which dolphin is just one more free feature) with traffic in excess of 130.000 page views per month (all word of mouth). Our server experiences severe hacking attempts 24 x 7 but we've never had any problems, not even with Dolphin 6.1.4

You can write (or have someone do it for you at relatively low cost) a cron job to prevent unauthorized IP access. You can include "fail to ban" on your server (root domain) where after two see more incorrect logins that IP is completely out of the system for whatever duration you see fit. There are also free firewall options online (check sourceforge) for servers. Last but not least, you can create redirect pages for each and every folder that someone shouldn't have access to, with a redirect that dumps people wherever you see fit in as little as 1 second. Often people forget to include image archives ... big mistake! More radical, is the approach to ban entire countries from your server ... no kidding, this can be done. There's all sorts of stuff that you can do to protect your TLD and/or your server. It's not even expensive, just a matter of shopping around in some reputable server forums and finding someone with decent references. Heck, you might even be able to find someone right here at Boonex.

Security doesn't start with Dolphin, regardless which version. It begins with your server and if you're paying good money for hosting or a server, then by golly gosh that shouldn't even be an issue. Your hosting provider/server admin should be able to make things more secure for you. It should be part of the included service as that's not just of concern to you, but to anyone (or company) with root servers, to include the company that you're paying good money to.

Greetings from Germany