Re: [bitfolk] php hosting

On 2013/01/30 8:15 PM, Jeremy Kitchen wrote: I once had a _senior_ developer ask me how unix permissions works, as he could not execute any commands. I don't know if his PATH was wrong or anything as I wasn't allowed to touch the box. He ended up googling and doing a... wait for it... chmod -R 777 / I saw that later on. Luckily I don't work there anymore. If any of these applications provides a "updates" or "security" list join them. Yeah. Definately agree here. I don't run other people's code. I have one developer who works with me, who uses wordpress - and he's not had any issues yet (touch wood), due to keeping up-to-date, etc. I write my own code. I write it securely. And then even if you manage to get into my system, most of the times you can't even change my data (user is read-only). You can't traverse the filesystem. My own code has actually once been targeted by an international hackers group. On a specific site (out of loads I have done) they managed to get in via an obscure sql injection, and stole a load of *public* information, and unfortunately a list of my sha1 passwords for logins to that site (±100 users). "$ update users set password='.';" invalidated all those passwords in a couple of milliseconds. Our support staff had to simply re-generate those passwords as the clients complained. And some of the clients accessed that site once a month or less, so no huge strain on them.