Changes between Version 26 and Version 27 of security


Ignore:
Timestamp:
Aug 17, 2017, 3:49:16 PM (4 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • security

    v26 v27  
    5353
    5454 * If your web site address does not have a padlock next to it (and is not accessible via https) - then all traffic to and from your site is in plain text and can be watched by anyone with the legal or technical means to intercept it. If you use a username and password to login to your site - that information is also sent without encryption. At May First/People Link, you can enable encryption [wiki:/faq/security/setup-certificate with a few clicks] thanks to [https://letsencrypt.org/ Lets Encrypt].
     55[[Image(lock.png)]]
    5556 * If you are using your site to organize people, and your campaign is successful, you could find yourself under criminal investigation in which [https://mayfirst.org/en/2017/content-statement-justice-department-demands-dreamhost/ logs of every visitor to your site are subpoenaed]. Find out how to [wiki:web_server_logs turn off logging on your site] to avoid being placed in this position.
    5657 * May First/People link has an extensive [wiki:/faq/data-backup backup system in place]. However, if downtime is critical, we encourage you to mainain [wiki:/faq/member-backup your own backup as well]. Deciding your backup strategy will require a trade-off between privacy (you don't want backup copies lying around) and reliability (you want to have the data to get your site back online at a moment's notice)