Recommended security setting

Previous topic

Install & configuration

Next topic

Author	Message
Leandro Villani	Wednesday 28 December 2005 3:12:42 am Hi, I'm about to publish a small site, that will run eZ Publish 3.7.2 on Apache 2 and PHP 4.4.1. I want to know if there are some recommended security settings to do before the site go live (site.ini, httpd.conf, etc.). More details: - The site is based on the corporate sample, have one siteaccess for public access and other siteaccess for administration interface; - On the public siteaccess, users cannot login and all the content is read only (except for contact us form); - The administrative siteaccess uses the default design with no customizations; - The cache settings are already done as recommended in many forum messages. Thank you. Leandro Villani.
Leandro Villani	Friday 30 December 2005 4:51:49 am Hi, There is no critical security configurations?
Kristian Hole	Monday 02 January 2006 12:15:18 am Take a look at this: http://ez.no/doc/ez_publish/technical_manual/3_6/installation/virtual_host_setup Kristian http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute

Author

Message

Leandro Villani

Wednesday 28 December 2005 3:12:42 am

Hi,

I'm about to publish a small site, that will run eZ Publish 3.7.2 on Apache 2 and PHP 4.4.1.

I want to know if there are some recommended security settings to do before the site go live (site.ini, httpd.conf, etc.).

More details:

- The site is based on the corporate sample, have one siteaccess for public access and other siteaccess for administration interface;
- On the public siteaccess, users cannot login and all the content is read only (except for contact us form);
- The administrative siteaccess uses the default design with no customizations;
- The cache settings are already done as recommended in many forum messages.

Thank you.
Leandro Villani.

Leandro Villani

Friday 30 December 2005 4:51:49 am

Hi,

There is no critical security configurations?

Kristian Hole

Monday 02 January 2006 12:15:18 am

Take a look at this:

http://ez.no/doc/ez_publish/technical_manual/3_6/installation/virtual_host_setup

Kristian

http://ez.no/ez_publish/documenta...tricks/show_which_templates_are_used
http://ez.no/doc/ez_publish/techn...te_operators/miscellaneous/attribute

eZ debug

Timing:	Jan 31 2025 14:16:09
Script start
Timing:	Jan 31 2025 14:16:09
Module start 'layout'
Timing:	Jan 31 2025 14:16:09
Module start 'content'
Timing:	Jan 31 2025 14:16:09
Module end 'content'
Timing:	Jan 31 2025 14:16:09
Script end

Main resources:

Total runtime	0.0162 sec
Peak memory usage	2,048.0000 KB
Database Queries	3

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0058	588.2500	151.2266
Module start 'layout'	0.0058	0.0025	739.4766	36.6797
Module start 'content'	0.0083	0.0066	776.1563	90.1719
Module end 'content'	0.0149	0.0013	866.3281	33.9922
Script end	0.0162		900.3203

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0022	13.5127	14	0.0002
Check MTime	0.0011	6.8403	14	0.0001
Mysql Total
Database connection	0.0007	4.1112	1	0.0007
Mysqli_queries	0.0036	22.0340	3	0.0012
Looping result	0.0000	0.0751	1	0.0000
Template Total	0.0010	6.1	1	0.0010
Template load	0.0008	5.0312	1	0.0008
Template processing	0.0002	1.0422	1	0.0002
Override
Cache load	0.0006	3.7918	1	0.0006
General
dbfile	0.0029	17.6195	8	0.0004
String conversion	0.0000	0.0397	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded	Edit	Override
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 1 Number of unique templates used: 1

Time used to render debug report: 0.0001 secs