but for starters make sure you'll use the latest stable release
and with the latest security fix. review their respective default
configuration file and disable the parameters that could
compromise security. you might want to give apache's
mod_security a try.
assuming the platform's security is in place, you still have
to check PHP-Nuke's website for advisories such as XSS,
SQL injection, Path disclosure, etc. vulnerabilities.
you might also want to run the ff:
- nessus http://www.nessus.org/
- wapiti: http://wapiti.sourceforge.net/
against your server for security audit.
On 8/10/06, Arshad Ali Amade <[EMAIL PROTECTED]> wrote:
Hi all,
I need to install a Production Webserver with phpnuke. What is the best combination of apache, php and mysql versions do I need to install??? Is there any suggestions about adicional security software??
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
