Changes between Version 15 and Version 16 of security


Ignore:
Timestamp:
Aug 17, 2017, 3:02:32 PM (4 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • security

    v15 v16  
    4343Web sites also cross many different security themes. Your web site may contain sensitive data that should only be scene by people with the right access. Also, your web site may track visitors, which could be  used in a lawsuit to against your allies.
    4444
    45  * If your web site address does not have a padlock next to it (and is not accessible via https) - then all traffic to and from your site is in plain text and can be watched by anyone with the legal or technical means to intercept it. If you use a username and password to login to your site - that information is also sent without encryption. At May First/People Link, you can enable encryption [wiki:/faq/security/setup-certificate with a few clicks] thanks to the [https://letsencrypt.org/ Lets Encrypt project].
     45 * If your web site address does not have a padlock next to it (and is not accessible via https) - then all traffic to and from your site is in plain text and can be watched by anyone with the legal or technical means to intercept it. If you use a username and password to login to your site - that information is also sent without encryption. At May First/People Link, you can enable encryption [wiki:/faq/security/setup-certificate with a few clicks] thanks to [https://letsencrypt.org/ Lets Encrypt].
    4646 * If you are using your site to organize people, and your campaign is successful, you could find yourself under criminal investigation in which [https://mayfirst.org/en/2017/content-statement-justice-department-demands-dreamhost/ logs of every visitor to your site are subpoenaed]. Find out how to [wiki:web_server_logs turn off logging on your site] to avoid being placed in this position.
    47  * May First/People link has an [wiki:/faq/data-backup backup system in place]. However, if downtime is critical, we encourage you to mainain [wiki:/faq/member-backup your own backup as well]. Deciding your backup strategy will require a trade-off between privacy (you don't want backup copies lying around) and reliability (you want to have the data to get your site back online at a moment's notice)
     47 * May First/People link has an extensive [wiki:/faq/data-backup backup system in place]. However, if downtime is critical, we encourage you to mainain [wiki:/faq/member-backup your own backup as well]. Deciding your backup strategy will require a trade-off between privacy (you don't want backup copies lying around) and reliability (you want to have the data to get your site back online at a moment's notice)
    4848
    4949=== Databases ===