Anybody got any PHP/MySQL workflow tips?
For a personal project, I'm developing an Angular frontend, but the server is MySQL. Got Apache and SQL installed on my local PC and am going to try using Gulp to compile dev code and reload the browser?
Also, I have no idea what I'm doing with regards to keeping things secure with PHP. Anybody got a good PHP/SQL security 101 link?
IT Guy/Gal Thread
-
ABNorman
- The Beef
- Posts: 4475
- Joined: Thu January 03, 2013 10:16 pm
-
Sgt. Crackpot
- F.U.B.A.R
- Posts: 9104
- Joined: Wed July 03, 2013 11:21 pm
- Twitter: RobertDowneyJr
- Location: Lft Craquepeau
- Contact:
Re: IT Guy/Gal Thread
For starters, compile suPHP, suhosin and mod security into Apache.
Make you never set folder permissions higher than 755 or file permissions above 644. Never have folders set to ownership of 'nobody'.
Ensure you're using a currently supported version of PHP with the most recent updates.
For an alternative (better performing) to MySQL, have a look at MariaDB.
Are you running a GUI platform for the hosting management? WHM/cPanel is fine and has options for brute force protection and firewall software like CSF and LFD.
Something to remember is that no amount of server security can prevent a website from being compromised due to bad coding. (Almost everything above will mainly protect the server from being compromised, or other sites/accounts from bring accessed/compromised).
I'll post more later when my brain isn't bathed in beer.
Make you never set folder permissions higher than 755 or file permissions above 644. Never have folders set to ownership of 'nobody'.
Ensure you're using a currently supported version of PHP with the most recent updates.
For an alternative (better performing) to MySQL, have a look at MariaDB.
Are you running a GUI platform for the hosting management? WHM/cPanel is fine and has options for brute force protection and firewall software like CSF and LFD.
Something to remember is that no amount of server security can prevent a website from being compromised due to bad coding. (Almost everything above will mainly protect the server from being compromised, or other sites/accounts from bring accessed/compromised).
I'll post more later when my brain isn't bathed in beer.
Rangi Guy wrote:So skating back to the train station after work today things went wrong.....now my skateboard is at the bottom of the harbour
-
ABNorman
- The Beef
- Posts: 4475
- Joined: Thu January 03, 2013 10:16 pm
Re: IT Guy/Gal Thread
Whelp.Sgt. Crackpot wrote:For starters, compile suPHP, suhosin and mod security into Apache.
Make you never set folder permissions higher than 755 or file permissions above 644. Never have folders set to ownership of 'nobody'.
Ensure you're using a currently supported version of PHP with the most recent updates.
For an alternative (better performing) to MySQL, have a look at MariaDB.
Are you running a GUI platform for the hosting management? WHM/cPanel is fine and has options for brute force protection and firewall software like CSF and LFD.
Something to remember is that no amount of server security can prevent a website from being compromised due to bad coding. (Almost everything above will mainly protect the server from being compromised, or other sites/accounts from bring accessed/compromised).
I'll post more later when my brain isn't bathed in beer.
-
pepperwhiteMFC
- AnalLog
- Posts: 1172
- Joined: Thu April 21, 2016 12:19 am
Re: IT Guy/Gal Thread
Beer battered server environments.
-
Bammer
- mXn
- Posts: 22777
- Joined: Thu January 24, 2013 4:32 am
- Location: Surrounded by Wokes. Please send help.
Re: IT Guy/Gal Thread
3) BrogrammerSgt. Crackpot wrote:I'm somewhat in IT. I used computers to destroy things and kill people.
(she/him/theirs)