Re: securing web applications (Wiki CMS installation)




Simon Jolle wrote:
> 2008/2/11, James A. Peltier <jpeltier@xxxxxxxxx>:
>> This is a very broad question to ask, however, I will appeal to the basics.
>>
>> 1) Use HTTPS whenever possible to avoid any passwords crossing the wire
>> in clear text.
>>
>> 2) Ensure only the necessary modules are installed or enabled for your
>> CMS to operate.
>>
>> 3) Always think least permissions necessary to perform the task.
>>
>> 4) Ensure that MySQL is locked down with least permissions necessary.
>> At the very least after you've installed MySQL make sure to run the
>> secure-mysql-installation script to assign a password to the MySQL root
>> user and lock down some of the basic tables.
>>
>> Each system is different and you should follow the guidelines outlined
>> by the CMS to properly secure.  If you are not sure of what you are
>> deploying, that's kinda scary, you should be wary of that and tread
>> lightly.
>
> thank you
>
> I will deploy Wikka Wiki [0] - there are no explicit security settings
> or guidelines
>
> How to harden Apache and PHP (without using SELinux)?

SELinux is the "best" hardening step available for securing RH based php/httpd/mysql stacks (IMHO) ... why are you taking it off the table ???

besides SELinux, you might want to look at php-suhosin:

http://www.hughesjr.com/content/view/21/1/

Thanks,
Johnny Hughes
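
Added example, not part of the original thread: one way to apply the "least permissions" advice for MySQL (item 4 in the quoted message) to a wiki database. The database name `wikka`, the account names `wikka_app` and `wikka_setup`, and the passwords are placeholders chosen for illustration, and the split into a runtime and a setup account assumes the CMS installer creates its own tables.

```sql
-- Added example: database name, account names and passwords are placeholders.
-- Run as the MySQL root user on the database host.

-- 1. Audit the accounts a default install may leave behind.
SELECT User, Host FROM mysql.user WHERE User = '';           -- anonymous accounts
SELECT User, Host FROM mysql.user
 WHERE User = 'root'
   AND Host NOT IN ('localhost', '127.0.0.1', '::1');        -- root reachable remotely
SHOW DATABASES LIKE 'test';                                  -- sample database, if present
SELECT User, Host FROM mysql.user
 WHERE Super_priv = 'Y' OR File_priv = 'Y' OR Grant_priv = 'Y';  -- ideally root only

-- 2. A database used by the wiki and nothing else.
CREATE DATABASE wikka;

-- 3. Runtime account: this is the one that goes into the wiki's config file.
--    Local connections only, row-level privileges only, one database only.
CREATE USER 'wikka_app'@'localhost'
  IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD';
GRANT SELECT, INSERT, UPDATE, DELETE
   ON wikka.* TO 'wikka_app'@'localhost';

-- 4. Setup account: schema privileges, used only while installing or upgrading.
CREATE USER 'wikka_setup'@'localhost'
  IDENTIFIED BY 'REPLACE_WITH_ANOTHER_RANDOM_PASSWORD';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP
   ON wikka.* TO 'wikka_setup'@'localhost';

-- 5. Verify: expect USAGE on *.* plus the four row-level privileges on wikka.*
SHOW GRANTS FOR 'wikka_app'@'localhost';

-- 6. Once the installer has finished, remove the setup account and
--    point the wiki's configuration at wikka_app.
DROP USER 'wikka_setup'@'localhost';
```

With this split, a SQL injection or leaked config file exposes an account that cannot alter the schema, read files from disk, or touch other databases on the same server.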

