The board's server will undergo upgrade maintenance tonight, Nov 5, 2014, beginning approximately around 10 PM ET. Prepare for some possible down time during this process.
For a personal project, I'm developing an Angular frontend, but the server is MySQL. Got Apache and SQL installed on my local PC and am going to try using Gulp to compile dev code and reload the browser?
Also, I have no idea what I'm doing with regards to keeping things secure with PHP. Anybody got a good PHP/SQL security 101 link?
For starters, compile suPHP, suhosin and mod security into Apache.
Make you never set folder permissions higher than 755 or file permissions above 644. Never have folders set to ownership of 'nobody'.
Ensure you're using a currently supported version of PHP with the most recent updates.
For an alternative (better performing) to MySQL, have a look at MariaDB.
Are you running a GUI platform for the hosting management? WHM/cPanel is fine and has options for brute force protection and firewall software like CSF and LFD.
Something to remember is that no amount of server security can prevent a website from being compromised due to bad coding. (Almost everything above will mainly protect the server from being compromised, or other sites/accounts from bring accessed/compromised).
I'll post more later when my brain isn't bathed in beer.
_________________
Rangi Guy wrote:
So skating back to the train station after work today things went wrong.....now my skateboard is at the bottom of the harbour
For starters, compile suPHP, suhosin and mod security into Apache.
Make you never set folder permissions higher than 755 or file permissions above 644. Never have folders set to ownership of 'nobody'.
Ensure you're using a currently supported version of PHP with the most recent updates.
For an alternative (better performing) to MySQL, have a look at MariaDB.
Are you running a GUI platform for the hosting management? WHM/cPanel is fine and has options for brute force protection and firewall software like CSF and LFD.
Something to remember is that no amount of server security can prevent a website from being compromised due to bad coding. (Almost everything above will mainly protect the server from being compromised, or other sites/accounts from bring accessed/compromised).
I'll post more later when my brain isn't bathed in beer.
Users browsing this forum: No registered users and 22 guests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum