Web has a weak security

E

entrycoupling

Posts: 48   +3
I noticed that our web has a weak security. It is more prone to a network attack and a possible data loss. In your case, what do you perform to secure your web applications? How can we automate security?
 
Last edited:
The Denial of Service (and the related DDOS) attack is very difficult to defend.
  • The server needs to have a LARGE number of ports to accept connections. Keep the ports alive for short time intervals, say one minute.
File corruption or loss is a malconfiguration!
  • run the server under its Own User Account
  • set all files for the server to be owned by that account and marked RWX------ (Linux assumed)
  • Use a CMS system to manage the website content and run it under its Own Account
  • set perms for all content as RWXR-X-R--
  • Add both the Server and CMS to a unique group name (this gives the Server group access)
The server will not be able to alter content files (ergo you security) and only the CMS system can be used to alter any content (better control as well as security)

BTW: The CMS is your content Backup :grin:




 
Last edited by a moderator:
You must log in or register to reply here.

Similar threads

midian182
Google launches Chrome Enterprise Premium, a paid-for browser with advanced security features
Replies
7
Views
134
noXLar
noXLar
midian182
Government review criticizes Microsoft for security lapses in "preventable" Exchange hack
Replies
0
Views
97
midian182
midian182
Shawn Knight
Tim Berners-Lee shares his predictions on the 35th anniversary of the World Wide Web
Replies
0
Views
104
Shawn Knight
Shawn Knight

Latest posts

Back