Jump to content

How Secure? Shared Hosting | Security Checklist | Procedures and Measures


Repy

Recommended Posts

Hello there.

 

I've been wondering how secure actually is PrestaShop out of the box.

 

I want to install it in a shared webserver (private ssl and ip) and the cpanel provides a link to that "oneclick installer" what in theory, takes care of apache configuration and files and dirs permissions, but should I rely on them, or should I install everything manually? It installs the latest prestashop version, and the thing seems quite updated.

 

Also, is there a checklist on security or something? I don't want those file permissions checklist that i found on google, i want something useful and that makes sense (like checking the most important files and their md5), something automated maybe.

 

Is prestashop secure by default? I would like to know anything that increases or improves the security. Security plugins generally only makes the entire thing more unsecure, but are there any stand-alone softwares that i could install to check the "health" of my prestashop setup?

 

I want to know anything useful that actually improves the security, I want my install to be as safe as possible. If PrestaShop is safe out of the box, then okay.

 

Thank you.

 

PS: Forget all that virus and misconfiguration thing, let's assume it's a "perfect" install and the admin machine is totally safe.

Link to comment
Share on other sites

I think you should avoid out of the box solutions since they sometimes leave insecure file and folder permissions.

 

For files use 644 and for folders 755. Don't be tempted to make a file or a directory world writable even if the instructions say so. Make apache user the owner of those files and directories who have to be publicly writable instead.

 

Limit user access only to essential directories and use mod_rewrite as a first line of defense.

 

Also, if you have the ability use mod_security

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...