Tips for security


Database Security Precautions:

We have made all possible efforts to secure the script database from tempering and theft. Still there are some precautions that will ensure even tighter security of your precious data:
  • If you have provided the root/main user of database to the script, please change this. Never use the root user of the database in the script (at-least after installation is complete).

  • If you have already provided a secondary user, please make sure that the user only has rights to execute queries like SELECT, UPDATE, INSERT, DELETE and TRUNCATE. The user should not have rights to execute DROP TABLE or other critical mysql commands.

  • Make a habit to take your database backup regularly. A daily, weekly or monthly backup, depending on the size and importance of your data could save you from a lot of trouble in case of any mishap.



File System

Change install directory name: [IMPORTANT]
Change the name of the install directory or change its permissions to avoid any reinstallation or heck attempts.

Change Permissions Back:
Change permissions of following files back to 644 as installation is complete.

/path.php
/include/config/constants-preinstall.php
/include/site_constants.php


Give Write Permissions to Folders:
Change permissions of all the sub-folders of following folders to 777.
/upload/
/cache/upload/

If you are on VPS/dedicated machine then change ownership to apache (instead of CHMOD775)

Give Write Permissions to Folders: (Optional)
If you want to create new languages then
  • Change permission of /images/ folders (script-root folders) to 777.
  • Change permissions back after you have created new languages to CHMOD755