Difference between revisions of "Access Restrictions"

Bill (Talk | contribs)
Bill (Talk | contribs)
Line 2: Line 2:
  
 
In this circumstance, access should be clearly separated into roles at different levels. When hosting a web application a separate password and user should be used for database access by the web application. The web application should never have root access to any other domain. In a similar way, real world users should be divided into roles and categories and non-should be granted full root access.
 
In this circumstance, access should be clearly separated into roles at different levels. When hosting a web application a separate password and user should be used for database access by the web application. The web application should never have root access to any other domain. In a similar way, real world users should be divided into roles and categories and non-should be granted full root access.
 
==Shared Hosting==
 
 
  
 
==Dedicated/VPS Hosting==
 
==Dedicated/VPS Hosting==
Line 39: Line 36:
 
<li>
 
<li>
 
File permissions
 
File permissions
 +
</li>
 +
</ol>
 +
 +
 +
==Shared Hosting==
 +
<ol>
 +
<li>'''Password Management'''
 +
For shared hosting password managment is a core defence against attack. The administrator password should fit the criteria above for a strong password - long, variance in characters containing no dictionary words.
 +
 +
As above [https://securityinabox.org/en/keepass_main| Keepass] can be used to generate and store a complex admin password. This has the secondary advantage of limiting access to the admin password to those who are trusted with the Keepass store.
 +
</li>
 +
<li>
 +
'''Restrict IP addresses'''
 +
 +
Depending on what version of CPanel your provider offers, it is possible to lock down access via [http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/DenyAccess| Host Access Control] option. This allows you limit access to very specific IP addresses.
 
</li>
 
</li>
 
</ol>
 
</ol>

Revision as of 20:45, 15 May 2014

Dedicated/VPS Hosting

Shared Hosting

Last modified 11 years ago
Cancel

Help improve this page!

Cancel

Keep track of this page and all changes to it.