For our clients, I usually set up extra security while still making it easy to use whatever script. This, along with our server-wide security, makes it hard for bad things, security-wise, to happen within their account.

For others, I can only suggest they follow these security steps and speak with their hoster about beefing up security for their account. Scripts such as ZenCart, osCommerce, e107, and many others require very open settings on the front end so that ease of use is provided within the back end or Admin section.

A perfect example is an images dir. Almost every one of the previously mentioned scripts requires the 'images' dir. to have permissions of 777 -- so that one can use the 'images' dir. from within the Admin section. Currently, it requires using 755 permissions when not using it and changing to 777 when working in the Admin section, for uploading or working with images. Then, when finished, you change permissions back to 755, the default setting and very secure.

Trouble is, most people forget to change permissions back to 755, and thus it is only a matter of time till they remember and change it or some hacker finds it wide open and abuses it.
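
One way to catch the forgotten 777 directory described above is a scheduled audit of the account's web root. This is an added example, not part of the original post; the function names and the temporary demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): catch directories under a web
# root that were opened to 777 for an upload and never set back to 755.

# List every directory under $1 that "other" users can write to.
# -perm -0002 matches 777 as well as 757, 733 and similar modes.
find_world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 -print
}

# Count them (one path per line; assumes no newlines in directory names).
count_world_writable_dirs() {
    find_world_writable_dirs "$1" | wc -l | tr -d ' '
}

# Reset each offending directory to 755, logging what was changed.
reset_world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 \
        -exec sh -c 'for d; do echo "resetting $d"; chmod 755 "$d"; done' sh {} +
}

# Constructed demo: a throwaway tree standing in for an account's web root.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/images/thumbs" "$root/includes"
    chmod 755 "$root/includes" "$root/images/thumbs"
    chmod 777 "$root/images"            # the forgotten upload directory
    echo "before: $(count_world_writable_dirs "$root") world-writable"
    reset_world_writable_dirs "$root"
    echo "after:  $(count_world_writable_dirs "$root") world-writable"
    rm -rf "$root"
}

# Run the demo only when invoked as: sh script.sh demo
if [ "${1:-}" = "demo" ]; then
    demo
fi
```

Run from cron against the real web root, `reset_world_writable_dirs` closes the window left open after an upload session; `find_world_writable_dirs` alone gives a report without changing anything.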