Quote:
Originally Posted by crockett
I've never had any virus issues from my boxes at webair. IMO it tends to not be hosts in general, but rather scripts you might be running.
I know the last major outbreak of people's sites getting hacked, was because the attacker was exploiting the template files for well known scripts.
So the trick there, is to rename your template files to something that can't be guessed. For example in comus I use random generated template names. Like in4f-tgh.tpl stuff like that.
One thing I do notice and it seems true with most hosts, is they are slow at doing updates. So you should always contact your hosts and make sure you are running the latest stable versions of PHP, zend,mysql and all that kinda stuff.
|
pretty much covered it.
Hosts should update their systems to the latest stable OS and functions, but clients should also update their scripts ( like Wordpress, joomla, drupal, and so on ... ).
Also, before installing a " module" or " component" or " plug-in ", it would be a good idea to check the security of such add-on.
Also, clients should make sure that permissions on their files are set to the lowest possible. I encounter many config.php that are left at 777 ... Might as well leave the door open and put a billboard up ....