| Home | Register | FAQ | Members List | Search | Today's Posts | Mark Forums Read |
| DesignersTalk > Best security practices for internal-only Wiki |
|
LinkBack | Thread Tools | Search this Thread |
26-06-2008, 13:32
|
#1 (permalink) |
|
Semantics, yay.
Join Date: Nov 2005
Location: Salem, Massachusetts
Posts: 1,105
|
Best security practices for internal-only Wiki
Hey all, I'm looking for advice on security ... I've a Wiki on my business website, hosted on a VPS, that's currently protected with .htpasswd and a fairly healthy username / password combination. Before I put any real sensitive information in there, I wanted the opinion of others (anybody with more system security knowledge than I have) who can tell me if there is anything more secure than .htpasswd I should be doing. I think I can setup my Wiki to not allow anybody to read anything beyond the home page before they log in with Wiki-based credentials, and if that's true, then I'll have both .htpasswd & individual Wiki username / password security before someone can read the content, but, again, I wonder what is the best way to do this. I can't limit entry to specific IP addresses, because the few people I want to grant access to are spread all over and have dynamic IP addresses. So, is what I've got as good as it gets, or can I get more secure considering my circumstances? |
|
|
|
|
26-06-2008, 13:43
|
#2 (permalink) |
|
misanthrope
Join Date: Jan 2005
Posts: 12,268
|
Some ideas... SSL will protect the data going between client and server. I don't know how robust an htpasswd solution is, but if you want to use something else, you might consider a custom solution. Honestly, I think you'll be fine with what you've got. Just keep an eye on your stats and all that. |
|
|
 |
