How to properly secure my website
I hope i'm at the right place, please suggest somewhere else if i'm not. I just finished building my website which I hope to launch soon. Im hoping to eventually have high traffic therefore high potential for hackers.
How do I go about properly securing my website? Is there a guide to do this? After doing a little (collectively unsuccessful) google-ing i've seen links about encryption and tools like verisign/godaddy site scanners etc. but are these enough?
I know little php but proficient in html and css. If it takes php or any other programming language i have no problem learning what i need.
Please help, security is the only thing holding me back
There are (at least) two distinct aspects to security:
Originally Posted by pjbrodber
1. Security against hackers. This is the responsibility of the web host. My host provides locking of the ftp access, so I have to log into their web site and unlock my site before I have ftp access.
2. Security against code copying/reuse. Encryption is a waste of time, because the browsers do not support it. What you can do is use PHP to hide as much of the site as possible from prying eyes. But this only works if you have a site which is highly configurable, so the browser only receives one specific configuration at a time. Anyone wanting to copy it has to assemble a full set of configurations, then write the PHP code to glue it all together. If you are interested, my screen emulator www.emberwebsites.co.uk/ewemulator/index.php is an example of where this approach is useful. However:
a) This is not a typical website.
b) Anyone capable of working out what the site is doing, could write the code anyway! So why would they bother?
Last edited by jedaisoul; 03-21-2012 at 05:12 PM.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread