Server Basics Everyone Should Do

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Server Basics Everyone Should Do

Mark Waddingham via use-livecode
Richard's comment about storing password hashes rather than actual
passwords has got me to thinking that there are probably several basic
server activities developers should do when creating a database. Doing
these things from the beginning will help avoid future headaches.

Despite a couple decades of coding experience, I have not done much with
servers, so I was only able to think of a few basics, but maybe you guys
could add to it, so that other LC developers can avoid these pitfalls?

- Store password hashes rather than passwords, using a proven, established
method of 1-way encrypting passwords.

- Work on a development server rather than the production server, and copy
the dev server stack over to the main stack when every thing is tested and
ready for an update.

- Store backups and old versions of the server stack, and server files,
somewhere other than the server, so that it is easy to recover if a hacker
should ransack the server or if some faulty piece of server-side code
sneaks through testing.

- Use indexing, with a scheme for increasing levels of indexing, to speed
up server searches as the record base grows.

- Regularly change admin passwords for the server, to deter hacking.


If anyone has other suggestions, please add them.

J

--
Do all things with love
_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Loading...