Josefu - 10:23 pm on Jan 9, 2008 (gmt 0)

(grin) Now that I think of it, the only site/server "hacker safe" is one... with nothing on it. One question though: is bare-bones Apache "hackable"? How about bare-bones Debian?

I had a recent thousand-fold bout of attacks (er, queries rather) targeting any-everything php, mysql, ms, phpmyadmin, horde, and even "random" common-name files with a .php extention. It taught me a lesson or two, but I wouldn't (dare to) say at all that my site is "hacker safe".

I did manage to come up with a site "architecture" that keeps all (externally-inaccessible) scripting separate from my (accessible, server-generated) html content - will share if it interests any - have battened down all ports but those needed, and make sure to obfuscate my dynamic urls/real hierarchy/website technology. Even then, all I can say is that it's worked until now.

[edited by: Josefu at 10:26 pm (utc) on Jan. 9, 2008]