Mike’s ramblings

Nik Cubrilovic, occasional writer for Techcrunch, has published a good article concerning source code security in response to the Facebook code leakage I hope none of you missed.
Short summary:

• Use mod_security
• Put all of your code except index.php outside of your web root
• Change the default file type in the Apache (or whatever you use) configuration
• Use ‘Deny all’ to prevent access to folders outside the web root

For more in-depth information and guidelines how to implement these security measures check out Nik’s blog.

This entry was posted on Friday, August 24th, 2007 at 5:32 pm and is filed under Code, Programming, facebook, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.