Quote:
Originally Posted by TeenCat
- log all activity in admin areas on your server, get reports when unknown things happens
- do not send password through emails, do not store emails with passwords
- put your own testing real looking combos in htpasswd so you can track the hacks easily
- have all logins with captcha, not only popup 401 window
maybe sounds easy and basic, but those are things how smart kid can take your datas even without knowing any programming language  |
good call, abundance of basic security measures is what provides most vulnerability more often.