Amateur looking for advice on web security/CGI folder....

Skip Kimpel skiplondon at gmail.com
Fri Aug 14 12:09:25 CEST 2015


I have been forced to use this method in the past and when I do, I encrypt the data before I send it to the server and decrypt it after I retrieve it.  This will at least keep the data secure if you have to go that route.

SKIP KIMPEL

> On Aug 14, 2015, at 12:23 AM, Tim Selander <selander at tkf.att.ne.jp> wrote:
> 
> OK, glad I asked the list.... had a hunch my understanding was inadequate.
> 
> Not using real data for the tests...
> 
> Guess I need to go study. Any pointers to good articles appreciated!
> 
> Tim Selander
> Tokyo, Japan
> 
>> On 15/08/14 12:50, Mark Wieder wrote:
>>> On 08/13/2015 04:29 PM, Tim Selander wrote:
>>> 
>>> My remaining question is on keeping text data secure on our web server
>>> (on-rev). I use LC scripts in the cgi folder. My understanding is that
>>> the cgi folder is secure from any outside breach. Is that understanding
>>> correct? So if I store my company's customer data in the cgi folder, it
>>> is secure?
>> 
>> Oh my goodness no.
>> Don't put any data you need to keep secure on a publicly-facing server.
>> Especially not on a shared server ala on-rev.
>> You *are* requiring https already, right?
>> And you've modified the .htaccess file in the public_html folder?
>> And disabled anonymous ftp?
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode



More information about the use-livecode mailing list