Need answers about how to make secure administration of the dynamic website, will it be WordPress blog, Joomla, Drupal or phpBB forum, for an individual without knowledge php and ability to recognize infected files (by spam or hackers).
(source).
On the other hand, a lot of people without special knowledge are making own blog or CMS websites. Are they just risking? Fees for repairs of a compromised shared host, because of inadequate website secure maintenance, should be significant, in tens of thousands.
As I understand, anything that has php functions can be infected and I will not even know about that. Spam may be sent without my knowledge, or other nasties.
Almost all, if not all, CMS/blog systems are requiring 777 permissions at least for some files, that is generally not acceptable from the point of view of security.
Paid hosts, specializing in dynamic websites hosting, were advised as a way to increase security, and keeping password files above public directory, accessible for anyone from the web. But one is completely responsible for what is going under own account, fees for eliminating consequences of the breach will be very high.
And regular updates of the CMS/blogs are tricky and take a lot of time.
Are forums, say, phpBB3 more secure than the other systems that allow easy posting, without coding and uploading html/css webpages?
Now I restricted myself to a static websites, even without php Submit or Comment forms.
I already did Google search and asked in different places.
For paid advice reserve your right first by offering help here, please - I have only one FRIH$ 250 payment.
Free tips or specific tutorial in tutorial section are also very welcome.
| Quote: |
| By the way, if phpini and register_globals are unfamiliar terms you are probably not ready to securely manage your own site. |
On the other hand, a lot of people without special knowledge are making own blog or CMS websites. Are they just risking? Fees for repairs of a compromised shared host, because of inadequate website secure maintenance, should be significant, in tens of thousands.
As I understand, anything that has php functions can be infected and I will not even know about that. Spam may be sent without my knowledge, or other nasties.
Almost all, if not all, CMS/blog systems are requiring 777 permissions at least for some files, that is generally not acceptable from the point of view of security.
Paid hosts, specializing in dynamic websites hosting, were advised as a way to increase security, and keeping password files above public directory, accessible for anyone from the web. But one is completely responsible for what is going under own account, fees for eliminating consequences of the breach will be very high.
And regular updates of the CMS/blogs are tricky and take a lot of time.
Are forums, say, phpBB3 more secure than the other systems that allow easy posting, without coding and uploading html/css webpages?
Now I restricted myself to a static websites, even without php Submit or Comment forms.
I already did Google search and asked in different places.
For paid advice reserve your right first by offering help here, please - I have only one FRIH$ 250 payment.
Free tips or specific tutorial in tutorial section are also very welcome.
