Web deployment policies

Web deployment policies

From Jon's Wiki

Revision as of 23:23, 24 March 2016 by Richard (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Server code should not be able to write to itself
- one user for webserver (fastcgi?) to run as, one for deployment
config should live under /etc/, and not in the docroot/code
Use SSL/TLS wherever possible
Use salted good hashes for passwords

Retrieved from "https://wiki.jon.geek.nz/index.php?title=Web_deployment_policies&oldid=2125"