Title: CMS security handbook [electronic resource]: the comprehensive guide for WordPress, Joomla!, Drupal, and Plone / Tom Canavan
Author: Canavan, Tom
Edition: 1st edition
Published: Indianapolis, Ind.: Wiley Pub., c2011
Description: 1 online resource (434 p.)
Notes: Includes index.
ISBN: 0-470-91621-4; 1-283-39776-5; 9786613397768; 1-118-09174-4
Format: Book
Language: English
Classification: 005.8
Subjects: Computer networks -- Security measures; Data protection; Web sites -- Security measures

Summary: Provides information on maintaining security for websites built on open source Content Management Systems.

Contents:

CMS Security Handbook; Contents; Introduction

Chapter 1 Introduction to CMS Security and Operations; Target Acquired; Operational Considerations; Educating Your Employees and End Users; Raising Security Awareness; Training on Information Security Policies; Providing a Standard Protocol for Threat Reporting; Ensuring E-mail Security; Applying Patches and Updates; Being Aware and Staying Safe; Looking at Your Site Through the Eyes of a Hacker; Steps to Gaining Access to Your Site; Researching; Googling Away; Using Google Hacking Tools (Dorks); Footprinting; Using NMAP for Nefarious Means; Using Traceroute; Finding Subdomains; Enumeration; Attacking and Owning the Site; Wiping Out Their Tracks; Examples of Threats; Social Engineering; Calling into Your Office; Sending in a Trusted Friend; Using USB Keys; Indiscriminate Browsing or Instant Messaging; External Media; Vendors or External Clients/Customers as the Threat; Reviewing Your Perimeter; Using Virus Protection; Banning Passwords on Desks; Enforcing a Password Complexity and Change Policy; Policing Open Wireless; Tools for Wireless Detection; How Will You Respond to an Incident?; Does Your Plan Exist?; Is the Plan Up to Date?; Where Are Your Backup Tapes, Disks, and USBs?; Summary

Chapter 2 Choosing the Right Hosting Company; Types of Hosting Available; Shared Hosting; Virtual Private Server (VPS); Dedicated Server; Cloud Hosting; Security of Data in a Cloud; Selecting the Right Hosting Option; Budget Considerations; Determining the Appropriate Server Size; Case 1: Light Website Traffic (Shared Hosting); Case 2: Medium Website Traffic (VPS); Case 3: Heavy Website Traffic; Using Backups; What to Look for in Web Host Security; Physical Security; Glass Windows; Flooding; Signs; People; Dumpster Diving and Social Engineering; Breach Response; Terrorists; Access to Equipment; Water Detection; Fire Suppression; Emergency Procedures; Disaster Recovery and Business Continuity; Cyber Security; Firewalls and Intrusion Detection; Log File Auditing; Spam, Virus Scanning, and Prevention; Patching for Weaknesses; VoIP; Web Servers; Environmental Support; Network Redundancy; Electrical Service; Technical Support; Emergency Planning for the Host; Location of the Host's Data Center; Processes; Backups; Offsite Procedures; Accepting Credit Cards on Your Website; Understanding PCI; PCI Terminology; Becoming PCI Certified; Installing an SSL Certificate; Testing by ASV; Choosing a Shopping Cart; Storing Data Securely; PCI Vulnerability Management Plan; Avoiding Common ASV Testing Pitfalls; After Certification; Domain Name System Servers; Understanding DNS; Threats to DNS; DNS (Name Server) Failure; Zone Transfers; Lack of Patching DNS Servers; DNS Poisoning; Hosting Your Own Website Server; Getting Ready; Making Your Shopping List; Choosing an Operating System; Ensuring Security; Patching; Summary

Chapter 3 Preventing Problems Before They Start; Choosing an Appropriate CMS for Your Needs