CodingForums.com - View Single Post

johnnnn · 08-09-2010, 01:49 AM

I'm currently making a check list of ALL possible security checks I can use for writing my own custom CMS. As far as the control panel/admin panel goes, I've been speculating the following to provide the best security I can (bear in mind, a 100% secure system is a virtual impossibility.)

Here's what I thought of thus far:

.htpasswd (outside of /public_html)
Block access to any files starting with .ht via htaccess
Database based login
Password protect the admin directory
"Sanitize" any user input, run checks, etc.
General consideration, place any config files outside of /public_html/, no sensitive data in .inc.php files
Record errors/warnings

What do you think?

08-09-2010, 01:49 AM	PM User \| #1
johnnnn New Coder Join Date: May 2009 Location: Pennsylvania, United States Posts: 54 Thanks: 16 Thanked 0 Times in 0 Posts	Best admin panel security for CMS? I'm currently making a check list of ALL possible security checks I can use for writing my own custom CMS. As far as the control panel/admin panel goes, I've been speculating the following to provide the best security I can (bear in mind, a 100% secure system is a virtual impossibility.) Here's what I thought of thus far: .htpasswd (outside of /public_html) Block access to any files starting with .ht via htaccess Database based login Password protect the admin directory "Sanitize" any user input, run checks, etc. General consideration, place any config files outside of /public_html/, no sensitive data in .inc.php files Record errors/warnings What do you think? Last edited by johnnnn; 08-09-2010 at 01:31 PM..