Okay, then it can depend on the hosting rules too. Thanks, I'll check how much safe I can make it.So for scenarios where shared hosting is a good fit it's reasonably safe.
LC server install on a shared host without root
Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller, robinmiller
Re: LC server install on a shared host without root
-
- VIP Livecode Opensource Backer
- Posts: 9850
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: LC server install on a shared host without root
Do you have a hardening checklist you use?
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: LC server install on a shared host without root
by hardening do you mean, security good practice, if so, no I dont yet...I'm still at the very begining of making my first crud scripts working.
...,then I would go into using regex, anti sql-injections setups; etc..
I've just succeded today in writing to the DB from within an LC stack using $Post !
after severals days bumping into the dark !
Sync from the DB to the Stack are in my todo for tomorrow !
Then I should be ready to start building the whole desktop/Mobile project arround.
...,then I would go into using regex, anti sql-injections setups; etc..
I've just succeded today in writing to the DB from within an LC stack using $Post !
after severals days bumping into the dark !
Sync from the DB to the Stack are in my todo for tomorrow !
Then I should be ready to start building the whole desktop/Mobile project arround.
-
- VIP Livecode Opensource Backer
- Posts: 9850
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: LC server install on a shared host without root
That seems like a good plan.
Well done.I've just succeded today in writing to the DB from within an LC stack using $Post !
after severals days bumping into the dark !
Sync from the DB to the Stack are in my todo for tomorrow !
Then I should be ready to start building the whole desktop/Mobile project arround.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: LC server install on a shared host without root
if you have any links about good practice, always welcomed !
-
- VIP Livecode Opensource Backer
- Posts: 9850
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: LC server install on a shared host without root
When I was getting started with server management I made a habit of searching for things like "server security checklist" and such. Since you're using a shared host most of the nitty gritty is taken care of for you, but the things you've identified like mitigating injections and other MySQL practices make a good focus.
Also, brush up on Linux permissions if they're not already second nature to you. They affect so much, they're not that hard to learn, and they provide so much confidence with how you manage things once you get your head wrapped around them.
Every now and then I go back and run the same types of searches, and read through the various checklists I find to see what I've missed. When you start getting bored because you rarely find new suggestions you're not already doing that's the best sign, objective validation that you've already learned a lot.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- VIP Livecode Opensource Backer
- Posts: 9850
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: LC server install on a shared host without root
Oh, here's one most checklists miss:
Remember that the computer you use to access your server is a gateway to controlling that server. Many people focus only on the server itself, and forget about its entry points. A laptop that has SSH key and passwords on it that gets stolen means the thief now also has the means to control your server and its resources.
So add personal computing safety to your ongoing reading. The safer your computer is, the safer everything it touches will be.
Remember that the computer you use to access your server is a gateway to controlling that server. Many people focus only on the server itself, and forget about its entry points. A laptop that has SSH key and passwords on it that gets stolen means the thief now also has the means to control your server and its resources.
So add personal computing safety to your ongoing reading. The safer your computer is, the safer everything it touches will be.
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
-
- VIP Livecode Opensource Backer
- Posts: 9850
- Joined: Sat Apr 08, 2006 7:05 am
- Location: Los Angeles
- Contact:
Re: LC server install on a shared host without root
And a bonus: if you come across anything by Kyle Rankin, read it.
His latest book is especially good. It covers a lot of ground that won't affect you as a shared hosting user, but a lot of it will. And later on when you move to a VPS you'll be able to go back to this book to learn more.
https://www.pearson.com/us/higher-educa ... 37619.html
His latest book is especially good. It covers a lot of ground that won't affect you as a shared hosting user, but a lot of it will. And later on when you move to a VPS you'll be able to go back to this book to learn more.
https://www.pearson.com/us/higher-educa ... 37619.html
Richard Gaskin
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
LiveCode development, training, and consulting services: Fourth World Systems
LiveCode Group on Facebook
LiveCode Group on LinkedIn
Re: LC server install on a shared host without root
Thanks, so true...I think after applying each ot the collected requested receipes about Security...
... one could finally publish its own "updated" G.P. book then !
... one could finally publish its own "updated" G.P. book then !