Security issue

Anonymous
2010-07-03
2013-05-30
  • Anonymous

    Anonymous - 2010-07-03

    I see in the installation guide that there are some extra steps one can take to make the site more secure, but I'm really not sure how to go about it. My site has recently been compromised by a phishing attack and I have been contacted by the RSA Anti Fraud Command Center to take my site offline asap, which I have done. Now, the people who host my account are willing to reinstate it but they want me to document the steps I have taken in terms of security so that this kind of thing never happens again.  I know that with my compromised installation I had permissions set correctly on my config file. Is there anything further that I can do with the config file or any others that would make my site more secure and in order to convince my host and the authorities that I have it all as secure as possible and under control? And if so, could you please explain the steps to me in layman's terms? I was using 4.2.1 but will obviously use the latest release if and when I can set up a new site.

     
  • Stephen Arnold

    Stephen Arnold - 2010-07-03

    Exactly HOW was your site compromised? What version of PGV are you running?
    4.2.3+ is VERY secure, with little opportunity to attack unless you leave the doors wide open. Any other installation is, needless to say, more vulnerable, and some downright sieves in which we have tried to keep the routines to hack minimally mentioned, but most are well known.

    There are detailed instructions in the WIKI on how to move the INDEX folder to a non-web accessible location.
    -Stephen

     
  • Greg Roach

    Greg Roach - 2010-07-03

    <<they want me to document the steps I have taken in terms of security>>

    Delete and reinstall the latest versions of PGV and (any other web-application you are using).  Tell your host you have done this.  That's about all you can tell them that they will understand.  They will probably have received a take-down notice from RSA AFC, and simply need a response from you that will get the lawyers off their back.

    To protect your site,

    1) Always update to the latest version of PGV.  A vulnerability was found in (IIRC?) 4.2.1 that could allow an attacker to take over your site.

    2) Check your file permissions.  I wrote a lengthy article on the wiki explaining what settings are needed on different server configurations.

    3) Move the index directory out of your html_public directory (or whatever your document root directory is called)

    4) Create a tmp_session sub-directory in your index directory, and set this as your session save path.

    Um, that's about it.
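
A way to check steps 3 and 4 of the reply above after reinstalling, as an added example that is not part of the thread or of PGV. It takes the document root, the index directory and the session save path you configured as arguments (the script and function names are made up for this example), and it also flags a symlink that puts the index directory back under the document root, which goes slightly beyond what the reply lists.

```shell
#!/bin/sh
# Added example (not PGV code): audit steps 3 and 4 of the checklist above.
# Usage: sh audit_pgv.sh DOCROOT INDEXDIR SESSION_SAVE_PATH   (script name is hypothetical)

# Resolve a directory to its physical path, following symlinks.
realdir() { [ -n "$1" ] && (cd -- "$1" 2>/dev/null && pwd -P); }

# Print one FAIL line per problem; print nothing when the layout is sound.
pgv_findings() {
    docroot=$(realdir "$1") || { echo "FAIL: document root '$1' not found"; return 0; }
    index=$(realdir "$2") || { echo "FAIL: index directory '$2' not found"; return 0; }

    # Step 3: the index directory must not be the document root or below it.
    case "$index/" in
        "$docroot"/*) echo "FAIL: $index is inside the document root $docroot" ;;
    esac

    # Moving the directory and then symlinking it back undoes step 3.
    find "$docroot" -type l | while IFS= read -r link; do
        if [ "$(realdir "$link")" = "$index" ]; then
            echo "FAIL: $link links the index directory back into the document root"
        fi
    done

    # Step 4: tmp_session must exist and be the configured session save path.
    sess=$index/tmp_session
    if [ ! -d "$sess" ]; then
        echo "FAIL: $sess does not exist"
    elif [ "$(realdir "$3")" != "$(realdir "$sess")" ]; then
        echo "FAIL: session save path '$3' is not $sess"
    fi
}

# Print the findings and return non-zero if there are any.
audit_pgv() {
    findings=$(pgv_findings "$@")
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    echo "OK: index directory and session path match steps 3 and 4"
}

if [ "$#" -ge 3 ]; then audit_pgv "$@"; fi
```

The output of a clean run can be pasted into the write-up for the host as evidence that the data directory is no longer web-accessible.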

     
