Amateur looking for advice on web security/CGI folder....
Skip Kimpel
skiplondon at gmail.com
Fri Aug 14 06:09:25 EDT 2015
I have been forced to use this method in the past and when I do, I encrypt the data before I send it to the server and decrypt it after I retrieve it. This will at least keep the data secure if you have to go that route.
SKIP KIMPEL
> On Aug 14, 2015, at 12:23 AM, Tim Selander <selander at tkf.att.ne.jp> wrote:
>
> OK, glad I asked the list.... had a hunch my understanding was inadequate.
>
> Not using real data for the tests...
>
> Guess I need to go study. Any pointers to good articles appreciated!
>
> Tim Selander
> Tokyo, Japan
>
>> On 15/08/14 12:50, Mark Wieder wrote:
>>> On 08/13/2015 04:29 PM, Tim Selander wrote:
>>>
>>> My remaining question is on keeping text data secure on our web server
>>> (on-rev). I use LC scripts in the cgi folder. My understanding is that
>>> the cgi folder is secure from any outside breach. Is that understanding
>>> correct? So if I store my company's customer data in the cgi folder, it
>>> is secure?
>>
>> Oh my goodness no.
>> Don't put any data you need to keep secure on a publicly-facing server.
>> Especially not on a shared server ala on-rev.
>> You *are* requiring https already, right?
>> And you've modified the .htaccess file in the public_html folder?
>> And disabled anonymous ftp?
>
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
More information about the use-livecode
mailing list