I'm with the two Richard's on this, those users shouldn't have telnet access to the host server at all. Users should be using the browser to access your site. Other than that, the most important thing you can do is to regularly back up your code and database to another location so that if something happens to the working box (and likely all tech products, its not IF its WHEN) you can restore the code and database with minimal data loss Bastien On Thu Feb 05 2015 at 9:39:43 AM Omar Muhsin <mrfroasty@xxxxxxxxx> wrote: > You forgot this one "keep the box OFFLINE ... best security" :-D > > > On 05-02-15 14:10, Richard Quadling wrote: > > 1 - Don't allow terminal access to your box. > > 2 - Use a PHP byte code encoder (IonCube, Zend Guard) - not perfect as > they > > can be reversed to access the code in a form. > > 3 - Don't use PHP. > > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >