hi
I would like to ask the experts on security if they can kindly provide me with some tips and tricks on increasing board security.
I dont even know if my chmod settings for directories and files are correct to be honest.
So it would be good to know which are the correct settings for files and foldrs as far as chmod is concerned.
and also other smaller tips and tricks like PHP settings or server settings would be nice to know.
So if anoyne is willing to share their knowledge - I wuld really appretiate it :)
Thanks
Firewall, strong passwords on FTP, SMF, SSH, disable root access to SSH if it is installed.
As for permissions it really depends on your host configuration. I run everything as 666 (read-only) as no files need to be writeable as I don't update settings.php or install mods / themes.
If you use the package manager then all files need to be at 777.
However if your host runs scripts under your user then you can chmod all files to Read/write/execute by the owner only which will still allow editing of settings.php and package install
Thanks :D actually im done installing all the mods and themes i could possibly want so im gona try the 666 settings as well :D thanks very much
I may be moving to a dedicated server soon so i also wanted to ask if you know of a good firewall i could use - commercial or free - either will do
thanks
Firewalls really depend on the platform.
Linux has the iptables firewall which isn't too difficult to configure if you read the documentation.
There is also other software to help configure it like Shorewall although you host may provide some sort of protection as standard