Results 1 to 6 of 6
-
08-24-2007, 03:09 PM #1Junior Guru Wannabe
- Join Date
- Sep 2004
- Posts
- 47
How much security do I really need?
I am on a shared server account with Lunar Pages basic hosting plan.
The only script file I have up running is db Masters FormM@iler. It runs on Cpanel. I deleted whatever other scripts I could find on my server. The site is just basic html pages with jpgs and a gif.
Is there much else I really need to do to secure the server or is that more in Lunar Pages' hands?
If there is still more I can do to secure the server, and is it a small amount that's easy to do or would it be wise to just hire someone else to put in a few hours making sure everything is truly set up securely? Any groups you reccommend?
Thanks for your time.
-
08-24-2007, 03:17 PM #2Web Hosting Master
- Join Date
- Jan 2003
- Location
- U.S.A.
- Posts
- 3,928
If you have a shared hosting account you can't do much when it comes to the security of the server. The best thing you can do is what you've already done and of course make sure you keep all your account information to yourself.
-
08-24-2007, 11:26 PM #3Web Hosting Master
- Join Date
- Oct 2004
- Location
- Kerala, India
- Posts
- 4,771
Ask the host is adequate mod_security rules are in place, since you are running a web based application.
David | www.cliffsupport.com
Affordable Server Management Solutions sales AT cliffsupport DOT com
CliffWebManager | Access WHM from iPhone and Android
-
08-25-2007, 12:07 AM #4Web Hosting Guru
- Join Date
- Feb 2006
- Location
- Pakistan/India/USA
- Posts
- 322
Re:
Tom F - VCA-WM, VCA-Cloud, VCA-DCV, CISSO, CPTE, OSCP, RHCE, RHCT
Maxim Support - Hosting Solutions & Server Management
Email : tom@maximsupport.com
Web : http://www.maximsupport.com
-
08-27-2007, 04:54 PM #5Junior Guru Wannabe
- Join Date
- Sep 2004
- Posts
- 47
A belated thank you for the people's responses in this thread.
-
08-27-2007, 05:15 PM #6Junior Guru Wannabe
- Join Date
- Aug 2007
- Posts
- 57
Tom's advice is the golden rule. Sign yourself up for the security or updates mailing list (if there is one) for any software or scripts you install, and for anything you have custom developed, make sure the programmer(s) are familiar with secure programming practices; that can be difficult, so references are good.
That said, well-known (non-custom) PHP scripts are probably the #1 cause of web sites being compromised, spam being sent, etc. Weak passwords are #2.