Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Hosting Requirements /

What you need to consider when choosing a hosting provider and plan.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

SS or my host


Go to End


2 Posts   2189 Views

Avatar
Bambii7

Community Member, 254 Posts

10 December 2009 at 8:29am

Edited: 10/12/2009 8:30am

Hey guys, it's been a few months since I played with SS and I'm getting withdrawals. Been playing with Magento, which hasn't been the most exciting experience.
Any way I'm very hung over today, so I thought I'd through my query out there and see what comes back. Hopefully more than my marinated brain can produce.

I've been hosting a couple of sites on host gator, not the best host, but cheap to host a couple of sister sites on a different ip. They've been hacked a couple of times in the last month. And now google has de-indexed some of the sites :(
The first time I got hacked I reset the ftp/cpanel password and user name. I've been hosting 2 SS sites and 2 Word Press sites (WP being my brothers choice of CMS). And it's a shared host.....

Are there security vulnerabilities with SS? Ones that could enable the server to be hacked? Host Gator being the angels they are don't offer a lot of incite. I'll search though some log files after a strong cupa Joe. After writing all that and rereading it I've forgotten what I was going to ask.... DAM I had a clear question when I started. "after a minutes hesitation" I guess any ideas into why I got hacked and ideas on prevention... but that's a lot to ask....

Avatar
Willr

Forum Moderator, 5523 Posts

10 December 2009 at 12:04pm

Are there security vulnerabilities with SS?

Make sure you're using the latest versions of SS and follow the security release announcements - http://groups.google.com/group/silverstripe-announce when we announce a security update then you are recommended to upgrade as soon as possible. Due to the nature of the open code base as soon as we fix anything security related the issue is pretty much out in the open!

Then again but the sounds of your sites being defaced thats not the usual outcome of when a user gets access to your SS site due to the fact the themes aren't controlled in the cms.

Make sure your site isn't in devmode as well - devmode has less security restrictions.