This site has Unicode encoded Bengali texts. If you cannot see the Bangla texts, then you would need to setup your computer for Unicode. Here is how to setup. You may also need to install a good Bangla Unicode font. We have modified the  publicly available Ekushey Lohit font for better screen reading. The new font, called AponaLohit looks almost like an Unicode compatible version of popular Boishakhi font. Download from here. You may wish to view the Bangla version of this site too.

Joomla server setup E-mail
The security of a Joomla site, in fact any site having PHP scripts depends highly the way the web server application (such as Apache) is configured and run on the server. As most servers are Linux based and use Apache as the web server application, we'll look into some issues that may affect the security of a web site.
Websites hosted on a server are viewed ordinary system user from the operating system point of view. In other words, when you buy a hosting, the hosting company would give you an account and password to access a server. Like you, there are a number of other users having their websites on the same server. Apart from such users, there can be other users for other reasons. For example, users to run MySQL or Apache .

Apache can either be run by the root or an ordinary user with limited access. Running apache by the root will give Apache (and any script run under it) all the privileges of the root user. This is convenient because, the root account can create, modify, delete, in fact do whatever it wishes, on any file/directory on the server. So any user running his php scripts wouldn't have any problem in creating new file or directory. His php script would act like the root user. However, running Apache by the root is really dangerous, and consequently such servers are not secure in any way. The reason is, any user may put a script that would access others' file and wipe them off. Even the system files can be deleted this way. The safety is totally dependent on the goodwill of individual user of the server.

The other option is to run the Apache by a limited user account. By limited we mean the user wont be any member of root group and cant write/modify any file/directory that is not owned by him. There are certain limitations in this way, but it is the safest way of running apache. The limitations are, as Apache  has now limited rights your php scripts cant create/modify/delete something in your own folder. This is because Apache runner doesn't have write/create access to files owned by you (unless you set them to 777 and let it happen.)

Since Apache 1.2, it has a mode called suEXEC that allows Apache started by the root user but when it executes any php scripts (owned by some users) it switches to that user before executing that. This option is secure in the sense that one user wouldn't have access to other users files. Configuring suEXEC may take bit of skills to prevent hacking attempts.

Apache security tips are here.
Here is how to setup suEXEC .
 
< Prev   Next >
[ Back ]
 

© 2008 Copyright joomla-bd. All rights reserved. All articles and pictures are properties of respective author. Using them anywhere is prohibited.

Valid XHTML 1.0 Transitional Valid CSS!

Template by Joomlashack