WINDOWS vs UNIX
Posted: Sat Oct 23, 2010 1:13 pm
Hello All
Please, I am new to PHP and have used it to build a really good site that uses HTML, CSS, PHP, Javascript and Jquery. I am very happy with the dynamic site which is driven by PHP pages. I have the following security concerns:
After some research, I found that I could protect the browsing of my web files by using php redirects or by .htaccess.
My site will be hosted by Godaddy on a Windows server. I am concerned about preventing hackers from browsing my file structure. I put an index.php in every folder to redirect web browser window access to my folders - Now instead of getting a "broken-link" error from my hosting company, attempts to browse any folder e.g http://www.mysite.org/assets/images/ - would redirect users back to the home page. This was done to prevent casual snooping.
QUESTION (1): Does Windows provide a secure enough server or should I really request hosting on a Unix or Linux server? I tried putting .htaccess files in my root directory, but it appears that this may only be relevant for Unix servers. QUESTION (2): Should I really be using CHMOD on Unix server to secure access to folders and files?
(*) I don't want anyone to be able to browse my folders and I want to prevent access to my php files for example:
Anyone can go to my site right now and type http://www.mysite.org/includes/connection.php - and the file will execute a connection to my database! I refuse to upload my site to such an unprotected environment but QUESTION (3): How do I prevent this type of access to my programs? connection.php is a file which connects to a mySQL data base that drives my page content, navigation etc.
Please what do I do? I am such a newbie in these matters can anyone help with my three questions?
Thanks
Please, I am new to PHP and have used it to build a really good site that uses HTML, CSS, PHP, Javascript and Jquery. I am very happy with the dynamic site which is driven by PHP pages. I have the following security concerns:
After some research, I found that I could protect the browsing of my web files by using php redirects or by .htaccess.
My site will be hosted by Godaddy on a Windows server. I am concerned about preventing hackers from browsing my file structure. I put an index.php in every folder to redirect web browser window access to my folders - Now instead of getting a "broken-link" error from my hosting company, attempts to browse any folder e.g http://www.mysite.org/assets/images/ - would redirect users back to the home page. This was done to prevent casual snooping.
QUESTION (1): Does Windows provide a secure enough server or should I really request hosting on a Unix or Linux server? I tried putting .htaccess files in my root directory, but it appears that this may only be relevant for Unix servers. QUESTION (2): Should I really be using CHMOD on Unix server to secure access to folders and files?
(*) I don't want anyone to be able to browse my folders and I want to prevent access to my php files for example:
Anyone can go to my site right now and type http://www.mysite.org/includes/connection.php - and the file will execute a connection to my database! I refuse to upload my site to such an unprotected environment but QUESTION (3): How do I prevent this type of access to my programs? connection.php is a file which connects to a mySQL data base that drives my page content, navigation etc.
Please what do I do? I am such a newbie in these matters can anyone help with my three questions?
Thanks