You are reading the Drake CMS Official Forums archive, available for historical purposes only.
Drake CMS has been rebranded into Lanius CMS, visit the new Lanius CMS Official Forums if you need support about Lanius CMS or Drake CMS -> Lanius CMS migration.
Use the access and
edit groups to limit the authorizations of your users. Test the
usability of your website impersonating test users for each
group. Make weekly full tarball backups and move them
off-site on a monthly basis. Use strong passwords and do not
give away the password of your Manager or Administrator user! Update your software. Use protected downloads to prevent
leechers. Look in the logs. Do not use HTTP Basic
Authentication, prefer Digest Authentication. Check that
nobody can access your config.php or your flatfile database
files.
= Accessibility
Update the keywords
and description of your content items after changes. Do not
use javascript trickery to allow access to certain parts of the
website. Test your webpages with Internet Explorer, Firefox
and Opera. Test all the components and features you use.
= Performance
Do not use the embedded
statistics or any other PHP statistics, use the webserver
statistics. Prefer MySQL or any other server DBMS over
SQLite or worse Gladius DB. Use a PHP code cache. Enable output compression to save bandwidth. Do not
retrieve URLs from the server when serving any page (like with
URL fopen() calls). Disable magic quotes!
awrog
Re: Usage tips
16 January 2008 10:02
Anonymous
Good tips.
Quote:
Check that nobody can access your config.php or
your flatfile database files
Question: what to do to
achieve maximum security?
Quote:
Prefer MySQL or any other server DBMS over SQLite
or worse Gladius DB
I have to disagree The Gladius
database is quite 'up to the job'! I have no problems with
the performance whatsoever. If you are experiencing performance
problems, it migt well be that other factors are causing the
problems (bad configuration, overloaded servers, etc.) The
only drawback for Gladius is its lack of an administrative tool.
Perhaps that will change in the future.
AWRog
legolas558
Re: Usage tips
16 January 2008 11:10
Anonymous
Quote by awrog:
Quote:
Check that nobody can
access your config.php or your flatfile database files
Question: what to do to achieve maximum security?
Depends from the users which access your
system
On a properly configured UNIX system you would
do a: Code:
The above would allow
only apache to access the config.php file.
Quote:
Quote:
Prefer MySQL or any
other server DBMS over SQLite or worse Gladius DB
I
have to disagree The Gladius database is quite 'up to the
job'!
It's not about agreeing or not, it's from
the technical point of view (and I have written each line of
Gladius DB): Gladius DB cannot scale well by design, when you
reach a certain amount of records (we talk about thousands here)
it will be slow (unless all PHP file opens are mapped). The
slowest part will be the file write, I guess. However, I don't
have any benchmark about it.
Quote:
I have no
problems with the performance whatsoever. If you are experiencing
performance problems, it migt well be that other factors are
causing the problems (bad configuration, overloaded servers,
etc.)
I am not saying that Gladius DB is slow. I
have written it and, trust me, all possibly optimizations are in
place. Only a superficial reader would say that I am suggesting
to not use Gladius DB. As said previously, Gladius DB
performance depends from the number of records, and that's not
scalability. I know it's meaningless for the average user, but
Drake CMS is for average and professional users! Quote:
The only
drawback for Gladius is its lack of an administrative tool.
Perhaps that will change in the future.
Gladius
DB is a DB engine, administrative user interfaces are not part of
database engines (like PHPMyAdmin is not part of MySQL).
Usage tips 
The Gladius
database is quite 'up to the job'!