Author Archive

Backup Your Database!

It is imperative that you back up any data that you have online.

If you have an online bookstore using a database and you’re not backing up daily, you are running a serious risk of losing some of your business’s valuable assets.

While your inventory can be rebuilt, what would you do if you lost your customer database? That risk is hard to justify when simple utilities exist that will automatically email you the database, or FTP it, so you can store your critical business assets offline.

If you use a MySQL database, here are the instructions on how to use an extremely easy, simple and free solution.

If you know of other utilities for other databases, please let me know and I will include them here. I think it is very important to maintain backups at all times.

You can email me at paul [A.t .] booksellingonlineblog.com


May 14, 2007 at 4:39 am 5 comments

Extra Security Tip To Stop Hackers

As originally posted on www.BookSellingOnlineBlog.com:

Whenever you host an application online, the potential for hackers to infiltrate your system is there.

Software used in the web industry is a constant target. PHP, Perl, Linux, Apache, MSSQL, MySQL, IIS, Tomcat, and a number of other platforms are constantly being researched in order to find exploits.

In terms of book sellers, this means our customer databases, revenue transactions, inventories, and contacts can all become potential targets.

I don’t want to scream “The Sky Is Falling!”, but as business owners we still need to address the possibility of insecurities.

Using the “easiest target is the most attractive target” principle, here are some simple tactics that can help you be less interesting to potential hackers:

Protect all admin directories with .htaccess

Believe it or not, a webpage that asks for a username and password is still not as secure as the pop-up authentication window. Webpage authentication only protects your pages, whereas .htaccess authentication protects all files within a directory. This is especially important if you’re using open source applications.

For example, try loading an image from an admin directory by entering its full path in a browser. Where people have relied on page authentication, the image will still load. That is a hole that can be easily plugged.

A major drawback to open source programs is they’re open source :-) At any given time, a hacker has the ability to understand how the software works and find holes in its security.

Here is how you can install .htaccess to help deter hacking:

  1. Create a text file called htaccess.txt
  2. Put the following into the file (use plain straight quotes, not curly ones):

        AuthType Basic
        AuthName "Protected Area"
        AuthUserFile "/home/passwd"
        require valid-user

  3. Make sure the location "/home" is below your web root (that means no files from that directory can be loaded through a browser)
  4. Create a new text file called passwd.txt
     1. Go to a password generation site, like this one, and enter a username and password
     2. Copy and paste the result into your newly created passwd.txt. For example, username and password asdf / asdff comes out like this:

            asdf:jcbpYD.EdTq1s

        You can have as many users as you like in this file
     3. Save that value into the passwd.txt file (it will only have that one line)
  5. Now connect to your web host through FTP, copy the htaccess.txt file into the directory that you want to protect, and copy the passwd file into the directory that you specified in the htaccess file (remember, keep the passwd file below your web root)
  6. Rename htaccess.txt to .htaccess (please note the period at the beginning of the filename)
  7. Rename passwd.txt to passwd
  8. Test your newly protected directory!

It will be a little annoying to log in twice in order to get to your backend applications, but it is well worth it to lower your chances of being hacked.
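A pre-upload check for the file built in the steps above, as an added example that is not part of the original post: it parses the .htaccess text, confirms the four directives are present, flags curly quotes pasted from a word processor, and verifies that the AuthUserFile path does not resolve to a location inside the web root. The function name `audit_htaccess` and the web root `/home/site/public_html` are assumptions made for illustration.

```python
import posixpath
import shlex

REQUIRED = ("authtype", "authname", "authuserfile", "require")
CURLY = str.maketrans({"\u201c": '"', "\u201d": '"'})

def audit_htaccess(text, webroot):
    """Return a list of problems in .htaccess `text` for a site rooted at `webroot`."""
    problems, seen = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line != line.translate(CURLY):
            # Pasted "smart" quotes are not quote characters to Apache.
            problems.append("curly quotes: " + line)
            line = line.translate(CURLY)
        try:
            name, *args = shlex.split(line)
        except ValueError:
            problems.append("cannot parse: " + line)
            continue
        seen[name.lower()] = args  # directive names are case-insensitive
    problems += ["missing directive: " + d for d in REQUIRED if d not in seen]
    if "authtype" in seen and [a.lower() for a in seen["authtype"]] != ["basic"]:
        problems.append("AuthType is not Basic")
    for path in seen.get("authuserfile", [])[:1]:
        root = posixpath.normpath(webroot).rstrip("/") + "/"
        if not path.startswith("/"):
            problems.append("AuthUserFile is not an absolute path")
        elif (posixpath.normpath(path) + "/").startswith(root):
            problems.append("password file is inside the web root: " + posixpath.normpath(path))
    return problems

# Constructed samples: the post's directives, and a broken variant.
WEBROOT = "/home/site/public_html"  # assumed web root, not from the post
GOOD = 'AuthType Basic\nAuthName "Protected Area"\nAuthUserFile "/home/passwd"\nrequire valid-user\n'
BAD = ('AuthType Basic\nAuthName \u201cProtected Area\u201d\n'
       'AuthUserFile "/home/site/public_html/admin/../passwd"\n')

if __name__ == "__main__":
    for label, text in (("good", GOOD), ("bad", BAD)):
        print(label, audit_htaccess(text, WEBROOT))
```

An empty list means the file matches the layout described in the steps; the path check normalises `..` segments first, so a password file that only appears to sit outside the web root is still reported.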

May 11, 2007 at 6:19 am 1 comment

I’m humbled!

I am definitely going to attempt to fill the void left by R. and help bring technology and books a little closer together.

I have also enjoyed this blog and will do my best to continue its tradition. Please feel free to comment and give me a little direction if you have any questions that you’d like answers to.


May 9, 2007 at 11:49 pm Leave a comment

