Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Security questions
#1
Hi all, I'm just getting started using GetSimple and I like it so far. I'm used to Joomla and a little Drupal, so I'm not a noob when it comes to CMS, but I do have some questions about increasing security.

My joomla sites I host on a dedicated server where I can control security pretty well. However I want to host a couple of GetSimple sites on a shared hosting account I have where the host doesn't allow all features of .htaccess. The last time I used this shared hosting account to run a Joomla site, a few years ago, it was hacked in a month and turned into a porn portal. I certainly don't want that to happen again!

So my question is how important is .htaccess in security of GetSimple? I see the root .htaccess blocks access to all xml files except sitemap. Can I simply change the permissions of the data directory to 750 (block all public) instead? I've tested this and GetSimple seems to still work fine. The website healthcheck throws up a lot of "0750 Not Writable" errors for the data directory, but in reality I can still edit and add pages. This is actually how I run my joomla sites as well - as long as the webserver unix user (www-data or apache) can access and edit files, there doesn't need to be public access for anything other than essential php files.

Are there any other directories or files I should block access to in the same way? Or any other security tips from people using GetSimple in the wild? Is what I'm doing here a bad idea for any reason?

Thanks very much! Smile
Reply


Messages In This Thread
Security questions - by rnuk - 2012-04-25, 21:06:21
RE: Security questions - by shawn_a - 2012-10-31, 06:20:37
RE: Security questions - by cmscss - 2012-10-31, 06:53:34
Security questions - by ccagle8 - 2012-04-25, 22:03:26
Security questions - by rnuk - 2012-04-26, 00:11:19
Security questions - by Mark Nielsen - 2012-08-09, 22:20:55
Security questions - by shawn_a - 2012-08-09, 22:41:01
RE: Security questions - by cmscss - 2012-10-31, 05:52:01



Users browsing this thread: 2 Guest(s)