How to guard against security vulnerabilities in PHP-Nuke

23.4. How to guard against security vulnerabilities in PHP-Nuke

After all the detailed excusion to the security risks lurking around your pristine installation of PHP-Nuke that was undertaken in the previous sections, you may be asking yourself if there is anything you can do to avoid them. Indeed, following the advice in this section, will render your PHP-Nuke system as secure as can be.

But there is also one point you should understand while talking about software (and especially Web software) security: there is no absolute security! You can make life very difficult for the hypothetical "malicious user", but then, given enough (time, money and criminal energy) resources, every system connected to the Web can become vulnerable. Thus, if your carreer depends on this, hire a security professional to check the code for you.

However, even if you are on your own, you can still do a lot to guard against security vulnerabilities. You can:

Tip Disable HTML and uploads!
 

Many of the most important security risks arise from the fact that HTML is allowed in the News and Forums, or that users are allowed to upload avatars or mail attachments to the web server. You can thus diminish the attack potential against your site, if you disable HTML and uploads. But of course, this will not protect you from everything, so read on!

 

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 337,474,983
  • Today: 11,523
Server InfoServer Info
  • Sep 26, 2017
  • 03:47 am PDT
 
 

Daily Inspiration