Re: securing web applications (Wiki CMS installation)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



2008/2/11, James A. Peltier <jpeltier@xxxxxxxxx>:
> This is a very broad question to ask, however, I will appeal to the basics.
>
> 1) Use HTTPS whenever possible to avoid any passwords crossing the wire
> in clear text.
>
> 2) Ensure only the necessary modules are installed or enabled for your
> CMS to operate.
>
> 3) Always think least permissions necessary to perform the task
>
> 4) Ensure that MySQL is locked down with least permissions necessary.
> At the very least after you've installed MySQL make sure to run the
> secure-mysql-installation script to assign a password to the MySQL root
> user and lock down some of the basic tables.
>
> Each system is different and you should follow the guidelines outlined
> by the CMS to properly secure.  If you are not sure of what you are
> deploying, that's kinda scary, you should be weary of that and tread
> lightly.

thank you

I will deploy Wikka Wiki [0] - there are no explicit security settings
or guidelines

How to harden Apache and PHP (without using SELinux)?

cheers
Simon

[0] http://wikkawiki.org/HomePage
-- 
XMPP: sjolle@xxxxxxxxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux