Dear PHP Security Experts - My site in recent times have grown up on user base. One of my competitor who is exactly in the same business have tried to get down my site on several ocassion. Can someone guide me on ready softwares or a plan to full proof my site to some extend.
This is a user based site running on a linux platform -php & mysql. The site also has e-commerce applications.
Thanks in advance,
Manis
PHP SECURITY EXPERTS
Moderator: General Moderators
- jaoudestudios
- DevNet Resident
- Posts: 1483
- Joined: Wed Jun 18, 2008 8:32 am
- Location: Surrey
Re: PHP SECURITY EXPERTS
You will have to give us more information on your current setup.
Re: PHP SECURITY EXPERTS
1. We are on shared hosting
2. Using Php 4
3. Our site is a social network for a niche subject
4. We use paypal for e-commerce
5. We also have integrated some open source scripts into the network
6. Some of the modules of the social network is video, music, blogs, forum
I hope this helps, thanks for your reply. I will look forward for your advice.
Thanks,
Manis
2. Using Php 4
3. Our site is a social network for a niche subject
4. We use paypal for e-commerce
5. We also have integrated some open source scripts into the network
6. Some of the modules of the social network is video, music, blogs, forum
I hope this helps, thanks for your reply. I will look forward for your advice.
Thanks,
Manis
Re: PHP SECURITY EXPERTS
I'd say your best bet is to move to dedicated hosting
Re: PHP SECURITY EXPERTS
By legal or blackhat means?manis wrote:One of my competitor who is exactly in the same business have tried to get down my site on several ocassion.
If you mean they tried to hack you - did they succeed or not? Do you have proof of the attack and the identity of the attacker? Did you complain to the authorities and/or to your hoster?
What is your security budget? Best option is to hire a pen tester.
Re: PHP SECURITY EXPERTS
Presently we are looking for some ready-to-go solution. Like a ready software or multiple softwares. Budget is not a problem.
Re: PHP SECURITY EXPERTS
Hi,
If budget is not a problem, hire (or rent) a security consultant or an experienced network/server administrator which checks your system. This would be the much better solution.
there is no simple software solution, which you have just to install.manis wrote:Presently we are looking for some ready-to-go solution. Like a ready software or multiple softwares. Budget is not a problem.
If budget is not a problem, hire (or rent) a security consultant or an experienced network/server administrator which checks your system. This would be the much better solution.
- jaoudestudios
- DevNet Resident
- Posts: 1483
- Joined: Wed Jun 18, 2008 8:32 am
- Location: Surrey
Re: PHP SECURITY EXPERTS
I agree with Hannes2k, if budget is not a problem, get in a consultant.
Also look to changing your hosting to a dedicated server. Rackspace are excellent, they will manage the server for you and look into all these issues and recommend solutions. Then install and setup solutions for no additional cost. They have excellent firewalls, which is a must! But they can also open ports if you need to ssh in or something.
Also look to changing your hosting to a dedicated server. Rackspace are excellent, they will manage the server for you and look into all these issues and recommend solutions. Then install and setup solutions for no additional cost. They have excellent firewalls, which is a must! But they can also open ports if you need to ssh in or something.