Web hosting security is one of the most important considerations any web master should understand. Most web hosting providers will
have the relevant security in place to protect the over all security of the server, network your mambo site is hosted on.
Web hosting security is one of the most important considerations
any web master should understand. Most web hosting providers will
have the relevant security in place to protect the over all security
of the server, network your mambo site is hosted on.
As well as the over all web server security you need to consider the
specific security measures which can be applied to your mambo web site.
This article is only intended to provide you with a high level overview and some
practical advice to protecting
and securing your mambo web site. This article does not cover the security
measure's for apache, sql,.htaccess
but we have included some useful link's at the bottom of this article which may
help.
1) Configuration.php
The first security best practice approach is to ensure the configuration.php
is not " writable " and you apply the correct chmod permissions to the
file to prevent anyone " hackers " from changing it. Once you have developed the
mambo site and it's ready for release into the live environment. You should
change
the CMOD permissions on the file to chmod 744
2) Backup your mambo web site
Once you have developed your mambo web site make sure you get into the
habit of backing up your website including directories and MySql database.
If you do get hacked you can always recover the mambo open source CMS web site.
3) mambo web site permissions
The following directory and chmod file permissions should also be applied to
your mambo
web site
chmod -R 707 images chmod -R 707 media chmod -R 707 uploadfiles chmod -R 707
components
chmod -R 707 languages chmod -R 707 modules chmod -R 707 templates chmod -R 707
administrator/backups
chmod -R 707 administrator/components chmod 744 configuration.php
For more information about chmod permissions you can visit
chmod guide
4) Mambo administrator privileges
When creating a new account for a user never provide them with administrator
level access
unless you really know them.
5) Mambo security patches
make sure you keep upto date with the latest security releases for mambo via
mamboserver.com
Before applying the security release to your live site make a backup of your
site first. Also
ready the change log associated with each security release. If you are not sure
about what you are
doing visit the forum for more advice.
Addtional security reading.
For more information on the security measure's you can put in place to protect
your web server
and mambo please use the link's noted below.
SQL Security
MySQL security
Step by step guide
to securing MySQL
Apache security
Step by step apache
security
Apache security
tips
PHP Security
Step by step PHP
security |
