Jump to content

How Secure is my website ?


ian

Recommended Posts

Posted · How Secure is my website ?

Im really a newby at building sites.

I started a few weeks ago now building a site for my historical photo collection.

I have upladed almost 260 rare and valuable photos already.

Before I dump truck even more onto the online platform ?.... Is there anyway to check how secure the site is ?

I dont really want someone to be able to open a public folder directly and click... copy and paste all content.. Then I have a lot of fun trying to stop a small army of people selling DVDs online with my photo collection for 5.99... :sad:

If anyone with experience in this direction could give me a few security tips ... that would be brilliant !

Thanks guys.

Ian :smile:

http://www.pixpast.com

 

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    Thanks Daid for the good tip ! :-)

    Im going to apply this tonight.

    If you spot any more loopholes in the system please let me know.

    I spent every penny iv earned for 16 years buying these rare pictures and I want to try and protect the online archive.

    Thanks a lot and big hugs !

    Ian :-)

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    Ian - my day job is basically testing the security of web sites. I'll take a look at it for you, in the next day or two, once I get through some post-maker-Faire backlog.

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    Ian - my day job is basically testing the security of web sites. I'll take a look at it for you, in the next day or two, once I get through some post-maker-Faire backlog.

     

    THANK YOU !!

    I probably have spent.... more than 40,000 euros on buying the first color film footage and that is every cent I earned since University.. I want to have a OK chance to put this amazing historical collection online and try and earn a few bucks back from the investment.

    Thats why these little checks now as the site is young and small is so so important !

    So big THANK YOU if you can have a look for me :smile:

    Ian :smile:

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    The problem with .htaccess or similar techniques is that if your server/hosting package is compromised, somebody would be able to download the entire site. You could create/buy a system where only the previews are stored on the server and the originals are fetched from another server in the background only when needed.

    But why not add your photos to istockphoto.com or similar services? I guess with so many rare and high quality photos, you could strike a good deal and maybe earn more than through (yet unknown) site.

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    if I moved my image files to... amazon cloud for example.. then what would stop people just trying to hack that account with amazon and get there hands on the pictures that way ?

    From what iv seen the last months with big companies and big security.. everything is crackable....

    But open to good handy tips to give me a little chance... ;-)

    Also about me going alone... I tried renting out my collection to a big photo agency... I got a little fed up receiving 20 percent royalties for the images I own and bought... seemed like day light robbery to me.. so better setting up pixpast... run it for 10 or 20 years... setup fair prices compared to the other big guys.. and then spread the word...

    If it takes 10 years to get things running.. thats OK with me.. aslong as in the end its my baby and if or when a photo sells... i get the money from my investment and not only 20 percent..

    Ian :-)

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    ok i just did the "-Indexes" change.... im still wondering about using the cloud ?

    Ian :-)

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    There's no difference between the cloud and a server somewhere else. It is just that with some big companies you *might* have a better chance to protect your server because they can roll out the big guns.

    But your specific problem is not related to a server type but rather to the fact that you goods are on the server. And if somebody hacks into it, then it is game over.

    That's why I had the idea to put the assets somewhere else. A server without public access. Then from your frontend server fetch assets when needed from the asset server. You could then monitor the traffic between the two servers and rais alarm if something fishy happens (like too many photos accessed at once).

    I am sure there are tools out there that do this because creating such a system on your own is quite a task.

     

  • Link to post
    Share on other sites

    Posted · How Secure is my website ?

    The photo sales shop software I bought for this project actually has an option to connect to amazon cloud.

    I was just a little slow to start buying the next hosting account ontop of the normal one I have already..

    But I guess I shoudnt try and save on safety...

    Ian :-)

     

  • Link to post
    Share on other sites

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
    • Our picks

      • S-Line Firmware 8.3.0 was released Nov. 20th on the "Latest" firmware branch.
        (Sorry, was out of office when this released)

        This update is for...
        All UltiMaker S series  
        New features
         
        Temperature status. During print preparation, the temperatures of the print cores and build plate will be shown on the display. This gives a better indication of the progress and remaining wait time. Save log files in paused state. It is now possible to save the printer's log files to USB if the currently active print job is paused. Previously, the Dump logs to USB option was only enabled if the printer was in idle state. Confirm print removal via Digital Factory. If the printer is connected to the Digital Factory, it is now possible to confirm the removal of a previous print job via the Digital Factory interface. This is useful in situations where the build plate is clear, but the operator forgot to select Confirm removal on the printer’s display. Visit this page for more information about this feature.
          • Like
        • 0 replies
      • Ultimaker Cura 5.6 stable released
        Cura now supports Method series printers!
         
        A year after the merger of Ultimaker and MakerBotQQ, we have unlocked the ability for users of our Method series printers to slice files using UltiMaker Cura. As of this release, users can find profiles for our Method and Method XL printers, as well as material profiles for ABS-R, ABS-CF, and RapidRinse. Meaning it’s now possible to use either Cura or the existing cloud-slicing software CloudPrint when printing with these printers or materials
        • 48 replies
    ×
    ×
    • Create New...