ok.
what can a small site owner do to protect himself from script kiddies?
also would it be helpful and or practical for a site owner to have the site mirrored in 2 or 3 different locations on different servers? (as in 123.com, 123.net and 123.org?)
I want to invent a script kiddy smasher.
__________________ If I do something stupid blame the Lortab!
ok.
what can a small site owner do to protect himself from script kiddies?
also would it be helpful and or practical for a site owner to have the site mirrored in 2 or 3 different locations on different servers? (as in 123.com, 123.net and 123.org?)
Mirroring the site over several domain extensions doesn't do much. Usually when you have all three CNO extensions they all point to the same hosting account.
If one of them goes down your users may not know to go to another one.
If your site is interactive, using php or cgi scripts, ensure that they are all up to date with the latest versions.
Keep an off site backup nightly, so if the bad thing happens you won't lose more than 24 hours of data. If your site isn't too big you mostly don't have to remember to back it up. Do all of your file edits on your local PC and then upload.
If you are using a content management system like I use at apostolic.net, either download backups, or, if the site is big set it up to automatically send a backup to off-site ftp storage.
And ensure that the host is using back end security precautions that detect and prevent intrusion attempts.
Mirroring the site over several domain extensions doesn't do much. Usually when you have all three CNO extensions they all point to the same hosting account.
If one of them goes down your users may not know to go to another one.
If your site is interactive, using php or cgi scripts, ensure that they are all up to date with the latest versions.
Keep an off site backup nightly, so if the bad thing happens you won't lose more than 24 hours of data. If your site isn't too big you mostly don't have to remember to back it up. Do all of your file edits on your local PC and then upload.
If you are using a content management system like I use at apostolic.net, either download backups, or, if the site is big set it up to automatically send a backup to off-site ftp storage.
Ok John,break it down for me like I'm a 6 year old...
What's a cgi or php script?
I'm thinking of using wordpress.org software for a site I'm working on? Do you know if they use that stuff ?
what's a content management system?
Quote:
Originally Posted by John Atkinson
And ensure that the host is using back end security precautions that detect and prevent intrusion attempts.
I'm getting the sense that no-matter what you do as a site owner, it mostly comes down to the host, and how intensely they work to protect your data. Is that a fair statement?
(Thanks for your time, by the way.)
__________________ http://endtimeobserver.blogspot.com
Daniel 12:3 And those who are wise shall shine like the brightness of the firmament; and those who turn many to righteousness, like the stars for ever.
Those are script types used for interactivity and various other automated functiions on a web site... AFF uses a php script for example, to operate
Quote:
I'm thinking of using wordpress.org software for a site I'm working on? Do you know if they use that stuff ?
WordPress is PHP, and it is very solid and secure with a dedicated backbone of developers.
Quote:
what's a content management system?
A script or program that allows you to add content... text, photos, videos and etc from an admin back-end.. like posting on AFF, rather than developing pages in Dreamweaver or hand coding.
Quote:
I'm getting the sense that no-matter what you do as a site owner, it mostly comes down to the host, and how intensely they work to protect your data. Is that a fair statement?
Not entirely. MOST script kiddie hacks come through exploits in scripts on the user domain. JP is using an older version of vbulletin, that may be how they were defaced.
Not much the host can do on the backend can prevent that.
There are also aditional ways to add extra security, such as a double login system for admin areas. There is a word press addon that hardens the admin login for word press I can give you if you go that way.
WordPress is PHP, and it is very solid and secure with a dedicated backbone of developers.
There are also aditional ways to add extra security, such as a double login system for admin areas. There is a word press addon that hardens the admin login for word press I can give you if you go that way.
ok sir. Good stuff.
You may already know this but, just to clarify... wordpress.com pages are hosted on their site, while with wordpress.org they provide the software to set up your own site using their publishing platform, on your own server.
If one uses wordpress.org, are they still getting the php and the security features built in?
__________________ http://endtimeobserver.blogspot.com
Daniel 12:3 And those who are wise shall shine like the brightness of the firmament; and those who turn many to righteousness, like the stars for ever.
You may already know this but, just to clarify... wordpress.com pages are hosted on their site, while with wordpress.org they provide the software to set up your own site using their publishing platform, on your own server.
If one uses wordpress.org, are they still getting the php and the security features built in?
It is the same program used, the only difference is in where it is hosted.
Linear Mode
