Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am hosting my website on a linux server with php5 (no mySQL). Now I am the administrator, and I’m building my first website. I want to know about security, how do I secure my site from malicious injections and hackers? With the htaccess file? And what do I need to put in there?
Any help appreciated.
Thank you
If you have no SQL, you don’t have to worry about injection attacks.
Security for your site depends on what you have running on your site. If it’s only PHP, I suggest keeping important code which may reveal things such as passwords and authentication keys or functions in a separate php file outside of your wwwroot and include them.
Example:
Your website runs in /home/wwwroot/
Put your php files with important data or functions in /home/privatephp/
Now in all your php files where you want to use those private functions or call on data that you want hidden, you simply use
include (../privatephp/privatestuff.php);at the top of each php file.Your privatestuff.php file can contain such things as
$adminusername="imtheadmin";or$adminpassword="adminpassword";Then you can simply reference those variables in any PHP file where you have used the include command.