Simon Jolle "sjolle" wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Centos Users
How to secure a Wiki CMS? This Wiki is based on Apache2, MySQL and PHP.
I cant read the code (lack of knowledge).
Would be glad about hints and URLs
cheers
Simon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHsLAaEMN/lNE/wrwRAlqBAJ91UQgileOWgtjwqzxwfo2j6v2+yQCfb8tL
eGkCnAkZ8lehGzUitDov6Iw=
=s2ox
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
This is a very broad question to ask, however, I will appeal to the basics.
1) Use HTTPS whenever possible to avoid any passwords crossing the wire
in clear text.
2) Ensure only the necessary modules are installed or enabled for your
CMS to operate.
3) Always think least permissions necessary to perform the task
4) Ensure that MySQL is locked down with least permissions necessary.
At the very least after you've installed MySQL make sure to run the
secure-mysql-installation script to assign a password to the MySQL root
user and lock down some of the basic tables.
Each system is different and you should follow the guidelines outlined
by the CMS to properly secure. If you are not sure of what you are
deploying, that's kinda scary, you should be weary of that and tread
lightly.
--
James A. Peltier
Technical Director, RHCE
SCIRF | GrUVi @ Simon Fraser University - Burnaby Campus
Phone : 778-782-3610
Fax : 778-782-3045
Mobile : 778-840-6434
E-Mail : [EMAIL PROTECTED]
Website : http://gruvi.cs.sfu.ca | http://scirf.cs.sfu.ca
MSN : [EMAIL PROTECTED]
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
