I'm dismayed that people require this very basic kind of advice on using defense in depth to protect assets. I would have hoped that it was too obvious even to bother repeating, and I am saddened to be wrong.
Cheers, David. On Wed, Jul 20, 2011 at 02:41:11AM +0800, Harisfazillah Jamel wrote: > Assalamualaikum and salam sejahtera, > > Data for streamx customers information leak. Dated 2009. > > Please please make sure any access to admin interface limited to Local > LAN or by VPN or by specific fix IP. > > and please use HTTPS. > > 1) Configure at the Firewall > > > 2) Apache web server, limit access with htaccess > > http://httpd.apache.org/docs/current/howto/htaccess.html > > > 3) Apache web server, limit access with ACL > > http://httpd.apache.org/docs/2.0/howto/auth.html > > > Thanks. > _______________________________________________ > OWASP-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.my > > OWASP Malaysia Facebook > http://www.facebook.com/OWASP.Malaysia > > OWASP Malaysia Twitter #owaspmy > http://www.twitter.com/owaspmy -- David Fetter <[email protected]> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: [email protected] iCal: webcal://www.tripit.com/feed/ical/people/david74/tripit.ics Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate _______________________________________________ OWASP-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.my OWASP Malaysia Facebook http://www.facebook.com/OWASP.Malaysia OWASP Malaysia Twitter #owaspmy http://www.twitter.com/owaspmy
