header image
Home arrow FAQs arrow Mambo and Security arrow How do I secure my Mambo site?
How do I secure my Mambo site?  E-mail
A simple question with a complex answer! It is complex because security issues arise from a variety of sources: your code, your server, the other things running on your server, the users, etc. While Mambo itself is relatively secure, you may still experience problems if the server is compromised or if a user gives up a password. The basic steps you should take however include:
  • Do not unnecessarily leave directories open with CHMOD set at 777 (configuration.php in particular should be set to chmod 644)
  • Delete your old installation directory (don't just rename it!).
  • Implement HTTP access controls for your admin login.
  • Make all your admin passwords at least 8 characters and containing symbols and numbers as well as letters.
There's more that you can do, but it is outside the scope of this FAQ.
Mambo is OSI certified Open Source software. It is free of charge and is governed by the General Public License (GPL). Learn more about Open Source and the OSI at the Open Source Initiative (OSI) website.