WordPress Security Best Practices

Access control restrictions: best practices on a Linux server
As an independent Linux consultant, I see many of my clients struggle with access control on a Linux server. Access control restrictions are the basic process of assigning limited user accounts to consultants or employees on your Linux server. It may seem that access control is not a big problem for most people (a common argument I hear is that my clients trust their consultants and employees), but access control restrictions exist for purposes other than keeping people honest.
Access control restrictions on a Linux server are necessary to prevent intentional or accidental damage to your server (every system administrator can tell a story of how a command worked unexpectedly). In addition, access control restrictions help protect confidential information (other people's passwords, credit card information, etc.) from being accidentally or maliciously misused. Backups are one example of how someone can accidentally misuse sensitive information. If a developer is working on your server and creates a backup of your WordPress database, he or she may decide to back up the entire database server. The developer might then transfer the backup offsite insecurely (compromising the data if it is copied over an insecure file transfer method), or copy the database backup to a location that all users and applications can access (e.g. /tmp). This would make it possible for an attacker to obtain all of the databases (which might contain information such as credit card numbers).
Another good example of why access control restrictions are needed is malfunctioning software that destroys data. If an application runs at a higher level of privilege than necessary (at either the file system or the database level), the chances increase that a software malfunction causes problems with the server. Let's face it, nobody wants a PHP script that is not working properly to delete or corrupt all the databases on the server. While all the information must be backed up regularly anyway, this is an unnecessary risk.
Once you have determined the need to control access to a Linux server, there are many ways to achieve this:
* Use sudo to escalate privileges, and assign each developer or consultant their own user account. Disable root access via SSH, and add all consultants or developers to the same user group. Finally, change the permissions on the web document root to allow write access for all group members.
* Log all connections through SSH and FTP, to ensure that outside consultants or employees log on to the server only when they are supposed to be working on a project.
* For a database server, create a separate user account for each database. This reduces the damage an application or a malicious user can do to your database server if a single database's application is compromised.
* For temporary accounts or consultant accounts (not needed unless assistance is requested), be sure to disable the accounts once access is no longer necessary.
* For all user accounts, require a password that is not in any dictionary, and enforce a password length of eight characters or more.
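An added example, not part of the original article: a read-only shell audit for the first item above (root login over SSH disabled, web document root writable by the shared group but not by everyone), plus a scan for the world-readable database dumps described earlier. The sshd_config path, document root, group name and scan directory are assumptions supplied by the caller.

```shell
#!/bin/sh
# Added example: read-only audit helpers for the checklist above.
# Every path and group name is an assumption passed in by the caller.

# Succeeds only if the first PermitRootLogin line is "no".
# sshd uses the first value it finds for a keyword; Match blocks and
# Include files are not evaluated here. A missing directive fails the
# check, because the built-in default is not "no".
root_ssh_disabled() {
    value=$(awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1")
    [ "$value" = "no" ]
}

# Succeeds if the directory belongs to the given group, is group-writable,
# and is not world-writable.
docroot_perms_ok() {
    [ -n "$(find "$1" -maxdepth 0 -type d -group "$2" -perm -g+w ! -perm -o+w 2>/dev/null)" ]
}

# Prints database dumps (*.sql, *.sql.gz) under a directory that any
# local user can read, such as a backup dropped in /tmp.
exposed_dumps() {
    find "$1" -type f \( -name '*.sql' -o -name '*.sql.gz' \) -perm -o+r 2>/dev/null
}

# Example run (hypothetical values):
#   sh audit.sh /etc/ssh/sshd_config /var/www/html webdev /tmp
if [ "$#" -eq 4 ]; then
    root_ssh_disabled "$1" || echo "FAIL: root login over SSH is not disabled in $1"
    docroot_perms_ok "$2" "$3" || echo "FAIL: $2 is not writable by group $3 only"
    exposed_dumps "$4" | sed 's/^/FAIL: world-readable dump: /'
fi
```

The script changes nothing on the server; it only reports where the current state differs from the checklist.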
Once you have determined the need for access control restrictions and applied them to your server, you can rest well at night knowing that your server is running safely. A Linux server with unrestricted access control may not be as safe and sound.
About the Author
Christopher J. Pace is a freelance Linux consultant who has worked with Linux since 2001. He provides remote Linux support for Linux servers, supporting a variety of Linux software solutions.