Server security (8)
I'm ready to start running campaigns and have everything ready, however, I came across: http://stmforum.com/forum/showthread...s)-Part-1-of-3
As a beginner who doesn't really have a coding background, it's sort of overwhelming. Only thing I've done so far is the robots.txt and I was wondering if I really need to implement all the security measures from the beginning, they'll be quite time consuming for me. Any suggestions and tips would be really helpful on what I should do from here guys.
What server are you running? Apache, Nginx or Litespeed (or something else)?
I summarised the key you-must-do-this security issues for affiliates in this thread - definitely do the first three (up to "don't use FTP"). After that it becomes less immediately urgent to do them, although you probably should at some point.
You should probably stop people browsing your directories, but the lazy/ghetto way to do that is just to make sure you've got an index.html or .php in every directory!
It's funny I just finished reading your Basic security thread - amazing schtuff!
I'm running a Apache server with LiquidWeb. Should I leave the index.html or .php without any code?
I'd actually advise quickly running though http://stmforum.com/forum/showthread...teSpeed-Ish%29 - they're not too complicated and will auto-block people from looking through your directories.
However, if you find that too confusing right now, then just use an index.html with a single word in it, like "blocked".
In WHM under global configuration, i see an option to deselect indexes in the "directory "/" options" section. If I deselect it, wouldn't it auto-block people from viewing directories as well?
That should do the trick, yep!
Not related directly to security but I would switch Apache with Litespeed.
it's much more faster and as easy as apache to use ( with cpanel ).
Originally Posted by bbrock32
Home > Programming, Servers & Scripts > Hosting, Servers & Security