Thread: MPA3 and MAS in Vegas !
View Single Post
Old 01-03-2008, 04:08 PM  
garry
Confirmed User
 
garry's Avatar
 
Join Date: Feb 2002
Posts: 680
Quote:
Originally Posted by Rick Ross View Post
Garry what are your thoughts on the Nats issue how are you guys protecting yourself from such exploits?
Since this NATS issue is a little special I don't want to comment on it. However, I can talk about what we have done and do.

About 3 years ago we hired well known hacker to try to hack the MPA3 program. He was of very good help to us and we learned a lot from him. Not only about the script itself, but also how the server should be setup and what should be set and not in the OS to make it all as secured as possible. Ever since then we have demanded that these server settings are met before setting up the MPA3 on their server.

A year or so later we hired a new hacker to try to hack in, and it showed that he couldn't hack in through MPA3. Then one of the bigger companies wanted to move over to MPA3 from another affiliate software company. They requested that MPA3 had to be audited by a third party audit company. We had no problems with that, and a while later we got the papers back from them. They had only good things to say about the code. Actually they gave us props for the way it was written and secured.

I do not say that MPA3 is unbreakable. I guess no software is. However, we do know how important security is for all parties. There is a lot of sensitive information on the server, and we for sure will do everything in our power to make it as hard as possible for any hacker to get in.

If we do get a hack report, even a smallest suspicion that something is wrong, we drop everything and jump right on it with the whole team of programmers. And if need be, we make sure that all MPA3 installs are patched ASAP.

The last 2 1/2 - 3 years we have had one incident I believe. But that turned out to be that PHP was not in safe_mode any longer as what we recommend it to be. The host had turned that off by an accident.

We also have some hacker traps in MPA3 as well but I can not really go in to details about them, I ask for your understanding there.

Security is always a challenge, but let the hackers know, we NEVER sleep!
__________________
The Creator Of THE STANDARD* *in Affiliate Program Software - We make affiliates and program owners more money! MPA3® – Anything Else Is A Replica

Choose between our impressive lineup of software's: MPA3® PRO - MPA3® ENTERPRISE - MPA3® Standard -MAS® CMS - and topping it off with amazing DESIGN, Consulting and Webmaster Services! "Your Mansion of Opportunities!"

Around since 1997 and the company that introduced "Cascading Billing" to the industry. MPA3® V5 - The most intuitive Affiliate Program Software ever made - MPA3® V5 – Anything Else Is A Replica
garry is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote