Security - Development and Tech

Issues with using a CMS

Gary Bell on Development, Hosting, PHP, Security, Updates | 09 Aug 2019

If you have a website, the chances are it runs on a CMS (Content Management System). There are hundreds of them out there, some you will have heard of; Wordpress is the obvious one. Others include Drupal, Joomla, and Umbraco. These are great for the most part, as they require…

Encrypting the site

Gary Bell on Apache, Website, Security, Configuration | 21 Sep 2016

I've just moved my site from HTTP over to HTTPS. It's not a huge deal for something like this, but it's something which I've really needed to do for a while, and something which is becoming more and more popular. For most people this won't mean much, and for this…

NEVER trust user input

Gary Bell on Development, Security, Database, SQL Injection | 16 Mar 2016

I've had the joys recently of being part of a code audit for a potential client for a change or re-build of a system. The code in itself was complete textbook...of how not to code a system. It looked like it had been built long long ago when OO…

Perils of a shared hosting platform

Gary Bell on Web Server, Security, Vulnerability, Website | 09 Mar 2016

Once again I've been inspired by a stack overflow question, and it made me think about issues of a shared hosting platform. You know the ones; the "host your site for £2.99 a month" sites. There's nothing inherently wrong with it (I was using them for a long time…

Developers still lack security know-how

Gary Bell on Development, Security, Passwords | 05 Mar 2016

Earlier this week I was looking into RESTFUL web services and how to create them, so I set myself a small project. The idea was to do something very basic, but that could be useful for someone rather than just a proof of concept. i had no real direction. With…

Fun with Firewalls

Gary Bell on Configuration, Web Server, Security | 25 Sep 2015

Firewalls are not fun. I've got to open with that statement as I've been doing a lot of work with firewalls in the past couple of weeks. It's not been the most enjoyable of experiences, but I can see why it is needed.I've been working with some during my…

Setting up your web server

Gary Bell on Apache, Configuration, Linux, Security, Setup, Web Server | 20 May 2015

I spend quite a lot of time on StackOverflow, both in terms of finding answers for something I need, and also for helping people out with their issues. One question I see quite a lot is around security permissions for creating files on the server. Usually these questions are for…

Keeping data secure

Gary Bell on Authentication, Backup, Data Protection, Encryption, Security, Passwords | 19 May 2015

Following the news this week that South Wales Police have been hit with a fine of £160,000 for not reporting missing data for two years, I got thinking about the importance of keeping data secure.The case itself is an extreme example of why you should keep data secure.…