Tip #2 Web development tips and tricks

Tip #2 in this series touches on the topic of security. With the latest Heartbleed vulnerability within OpenSSL hitting the headlines, security is currently at the forefront. I think it is fair to say that security is not a priority for most web developers: for some it is not even on the radar. The problem is that it is way, way too easy to roll out a site for a new project, get paid and move on. But what happens to the site a week, a month or a year down the line? The worst-case scenario is that the site gets hacked. Why? Because it is not being kept up-to-date with the latest security patches and your web developer has moved on.

The simple solution is to keep your platform up-to-date. Whether it is Magento, Symfony, WordPress or Joomla, it needs to be kept current. If you were offered a way to improve the security of your house, would you take it? Of course you would. The same should apply to your website. Security vulnerabilities are discovered all the time. We should give the framework vendors credit here. They issue security patches with a high level of speed and efficiency. The problem you face is getting that security patch installed on your website. I’d suggest striking a deal with your web designer/agency so they are responsible. Of course they would expect some recompense for this, but it shouldn’t be a lot. Any web designer/agency who will not agree to this is obviously not a good choice to begin with. Security first!

Tips for securing SSH

SSH is the preferred method for providing remote shell services such as command execution. Designed as a replacement for the old-school, insecure Telnet protocol, SSH provides an encrypted, secure connection between client and server. Although it is far more secure than its forefather, there are some extra steps you can take beyond the out-of-the-box settings to increase the level of security.

The following assumes a fresh installation of CentOS 6. By default the SSH service is not enabled. To enable the service you need to start it. To do this, run the following command as the root user within a terminal:

service sshd start

To configure the system to start the SSH service at start-up you can run the following:

chkconfig sshd on

The service will now accept connections from clients. The configuration of the service is controlled by the contents of a configuration file called ‘sshd_config’ located within the folder ‘/etc/ssh/’. Open this file using the editor of your choice.
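A mistake in sshd_config on a server you reach only over SSH can lock you out, so it is safer to edit a copy and install it only after sshd has validated it. The helper below is an added example, not part of the original post; the function name, the `SSHD_CHECK` variable and the `/root/sshd_config.new` path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: install an edited sshd_config only if sshd accepts it.
# Assumed workflow on the server (run as root):
#   cp /etc/ssh/sshd_config /root/sshd_config.new
#   (edit /root/sshd_config.new)
#   apply_sshd_config /root/sshd_config.new /etc/ssh/sshd_config \
#       && service sshd reload
# Keep your current SSH session open until a second login succeeds.

# "sshd -t -f FILE" parses FILE and checks the host keys without starting
# the daemon. SSHD_CHECK is a hypothetical override so that the validator
# can be swapped out, for example on a machine without sshd installed.
SSHD_CHECK="${SSHD_CHECK:-/usr/sbin/sshd -t -f}"

# apply_sshd_config CANDIDATE LIVE
# Returns 0 after installing CANDIDATE over LIVE (old file kept as LIVE.bak).
# Returns 1 and leaves LIVE untouched if CANDIDATE is unreadable or invalid.
apply_sshd_config() {
    candidate=$1
    live=$2

    if [ ! -r "$candidate" ]; then
        echo "cannot read $candidate" >&2
        return 1
    fi

    # Validate before touching the live file.
    if ! $SSHD_CHECK "$candidate"; then
        echo "validation failed; $live left unchanged" >&2
        return 1
    fi

    # Keep a rollback copy with the original ownership and timestamps.
    if [ -f "$live" ]; then
        cp -p "$live" "$live.bak" || return 1
    fi

    # Write next to the live file, then rename, so sshd never sees a
    # half-written configuration.
    cp "$candidate" "$live.new" &&
        chmod 600 "$live.new" &&
        mv "$live.new" "$live"
}
```

If the new configuration misbehaves after the reload, copy the `.bak` file back over the live file and reload again from the session you kept open.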