security
- Thread starter Natcoweb
- Start date
- Status
3 comments
1. If you are using apache, install and configure mod_security and suexec
2. For php you need to secure the configuration file and run it under suphp. Besides you need suhosin.
3. Secure your server with an automated firewall, stop unwanted services and so on.
This was for server side, as for web site, if you are a programmer and asking this question... I can only say that you need to invest a lot of time
2. For php you need to secure the configuration file and run it under suphp. Besides you need suhosin.
3. Secure your server with an automated firewall, stop unwanted services and so on.
This was for server side, as for web site, if you are a programmer and asking this question... I can only say that you need to invest a lot of time
As for script security it really is near impossible to stop all attacks.
Current mod_sec rules we have created blocks known wordpress hacks, long sql queries in url (sql injection), abusive sql queries, cross site exploits, etc...
Its very hard to offer such a security since most people use known scripts which the source codes have been either leaked or decrypted or even open gpl (public script).
Current mod_sec rules we have created blocks known wordpress hacks, long sql queries in url (sql injection), abusive sql queries, cross site exploits, etc...
Its very hard to offer such a security since most people use known scripts which the source codes have been either leaked or decrypted or even open gpl (public script).
- Status