Guest Posted August 14, 2008 Posted August 14, 2008 I have spent the morning trying to get the security of my site up to scratch before I go live. I have so far installed: Security Pro IP Trapped Anti xss some htaccess scripts I tried to install Site Monitor but I got an error and havent been able to solve it yet. I also couldnt install the following htaccess scripts **************************************** # stop hotlinking (gif/jpg) and serve alternate content I have included an image for you to upload, please note if you use your images out side of your server (like linked into EBAY) you cannot use this. <IfModule mod_rewrite.c> RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?perfumepalace\.co.uk/.*$ [NC] RewriteRule .*\.(gif|jpg)$ http://www.perfumepalace.co.uk/catalog/images/stolen.gif [R,NC,L] </ifModule> FORCE TYPE <Files site> ForceType application/x-httpd-php </Files> # Deny domain access to spammers and other scumbags RewriteEngine on php_flag register_globals off SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots Deny from env=block_bad_bots ***************************************************** My question is three fold: 1. On the basis I have done nothing else to my OScommerce site, does my site now have an acceptable level of security? 2. Is there anything else that anybody would suggest to increase my security levels? 3. Can anybody see anything wrong with the above htaccess scripts? Thank you for all your help so far. Ian
Amrahp Posted August 14, 2008 Posted August 14, 2008 There are some very useful posts in this thread. Clik here
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.