Difference between revisions of "Security"
(vertaling Beveiliging) |
|||
| Line 6: | Line 6: | ||
** Thus, no passwords can pass over the internet unencrypted |
** Thus, no passwords can pass over the internet unencrypted |
||
* For [[SSH]], we do not even allow password based logons: users are required to log on with a key pair (see: [[File Management]]. |
* For [[SSH]], we do not even allow password based logons: users are required to log on with a key pair (see: [[File Management]]. |
||
| − | * By default, the web server is unable to write to directories where the web sites are hosted. This serves to avoid allowing a cracker to modify p.e. PHP or Javascript files by abusing a security problem in a [[CMS]]. The user can decide about necessary exceptions: see [[File Management]]. |
+ | * By default, the web server is unable to write to directories where the web sites are hosted. This serves to avoid allowing a cracker to modify p.e. PHP or Javascript files by abusing a security problem in a [[wikipedia:CMS|CMS]]. The user can decide about necessary exceptions: see [[File Management]]. |
* The [[database]] is ''not'' reachable directly over the internet (not even with a [[VPN]] connection open), only from the web server. Apart from those people who have access to a hosting account, no one can connect to the [[database]]. |
* The [[database]] is ''not'' reachable directly over the internet (not even with a [[VPN]] connection open), only from the web server. Apart from those people who have access to a hosting account, no one can connect to the [[database]]. |
||
* off course, we also take care of operating system security and installation of the latest vendor supplied patches. |
* off course, we also take care of operating system security and installation of the latest vendor supplied patches. |
||
| − | |||
| − | = How to upgrade? = |
||
= How to apply security updates = |
= How to apply security updates = |
||
| + | |||
| + | We have some brief guides on how to best update your web site, depending on which [[wikipedia:CMS|CMS]] you are using. |
||
* [[CMS_Drupal]] |
* [[CMS_Drupal]] |
||
Latest revision as of 15:56, 28 February 2018
Security precausions taken on the VUB hosting
- access is allowed only over SSH, and with a valid VPN logon
- Thus, no passwords can pass over the internet unencrypted
- For SSH, we do not even allow password based logons: users are required to log on with a key pair (see: File Management.
- By default, the web server is unable to write to directories where the web sites are hosted. This serves to avoid allowing a cracker to modify p.e. PHP or Javascript files by abusing a security problem in a CMS. The user can decide about necessary exceptions: see File Management.
- The database is not reachable directly over the internet (not even with a VPN connection open), only from the web server. Apart from those people who have access to a hosting account, no one can connect to the database.
- off course, we also take care of operating system security and installation of the latest vendor supplied patches.
How to apply security updates
We have some brief guides on how to best update your web site, depending on which CMS you are using.
