Security?

Hi guys,

I’m in the final stage of developing my first cs cart store,and i was reading about .php security in general in the forum and in the web.As a beginner,I have few questions to start but i would like to let this thread open for other members for BASIC security questions involving cs-cart and server security in general:p

________________________________________________________

The first question would be:if i password protect the folder “public_html” in my c-panel,is this a security against hackers?Even if there’s some folder permissions set 777?

The second question is:after installing css cart in my account,i deleted the install,and set 644 to config.php,but in any moment i saw instructions to set back to 755 ,the permissions for image,skins and var folder.I changed to 755 anyway.Is that correct?If it is,why cs-cart doesn’t warn about it(only 644 to config.php)?

Also ,i noticed that even if i changed the skin folder to 755,if i go inside the folder,my folder “aquarelle-pink”(and all it’s sub folders) is set 777.Is that ok?

This are the first doubts i have,problably more will come soon…ahhh,forgot to say that i’m using sp4.Just to add,i found this website that seems to be a very good security guide for beginners(and advanced)webmasters! [url]http://25yearsofprogramming.com/blog/2008/20080311.htm[/url]

Thanks for any advice:grin:

[quote name=‘gabrieluk’]Hi guys,[/QUOTE]



Hello Newcomer,


[quote name=‘gabrieluk’]

The first question would be:if i password protect the folder “public_html” in my c-panel,is this a security against hackers?Even if there’s some folder permissions set 777?[/QUOTE]



755 is better.


[quote name=‘gabrieluk’]

The second question is:after installing css cart in my account,i deleted the install,and set 644 to config.php,but in any moment [COLOR=“Red”]i saw instructions to set back to 755[/COLOR] ,the permissions for image,skins and var folder.I changed to 755 anyway.Is that correct?If it is,why cs-cart doesn’t warn about it(only 644 to config.php)?[/QUOTE]



Ask your webhosting company. It’ strange…


[quote name=‘gabrieluk’]

Also ,i noticed that even if i changed the skin folder to 755,if i go inside the folder,my folder “aquarelle-pink”(and all it’s sub folders) is set 777.Is that ok?[/QUOTE]



Mine too: 777. Any other?



80% of your security is bring by your webhosting company.



80% of security holes is made by yourself :rolleyes:



Example, set a bad chmod…





Lee Li Pop

Thanks LeLi,

I suspected also the things u said,now i’m sure:p