Changes between Version 26 and Version 27 of security

Aug 17, 2017, 3:49:16 PM (4 years ago)
Jamie McClelland



  • security

    v26 v27  
    5454 * If your web site address does not have a padlock next to it (and is not accessible via https) - then all traffic to and from your site is in plain text and can be watched by anyone with the legal or technical means to intercept it. If you use a username and password to login to your site - that information is also sent without encryption. At May First/People Link, you can enable encryption [wiki:/faq/security/setup-certificate with a few clicks] thanks to [ Lets Encrypt].
    5556 * If you are using your site to organize people, and your campaign is successful, you could find yourself under criminal investigation in which [ logs of every visitor to your site are subpoenaed]. Find out how to [wiki:web_server_logs turn off logging on your site] to avoid being placed in this position.
    5657 * May First/People link has an extensive [wiki:/faq/data-backup backup system in place]. However, if downtime is critical, we encourage you to mainain [wiki:/faq/member-backup your own backup as well]. Deciding your backup strategy will require a trade-off between privacy (you don't want backup copies lying around) and reliability (you want to have the data to get your site back online at a moment's notice)