Good Practices - Things to do to secure the site before going live

Permalink
I've got some basic concerns that I have not taken any precautions to prevent the site from being hacked.

Is there a recommended list of "Good Practices / Check list" to ensure I've covered what I should.
- biggest concern is the "Config" file showing database access and password.
- Are there other things - that you guys have learned as you have implemented (like preventing sql injection, etc).
- Is there an area on the site for this kind of list (sorry if I missed it)
I hope this is the appropriate thread to post this

- Any help / direection much appreciated - thanks in advance

HOBOcs
 
HOBOcs replied on at Permalink Reply
HOBOcs
bump
12345j replied on at Permalink Best Answer Reply
12345j
the config file should be safe, likehttp://concrete5.org/config/site.php... you can't see the values that it uses
data inputs in the core are sanitized and theres helper function to sanitize custom data
http://www.concrete5.org/documentation/how-tos/editors/security-and...
HOBOcs replied on at Permalink Reply
HOBOcs
Perfect - just what I was looking for.(Reassurance)
I'm good to go.
I appreciate the quick response J (Thumbs Up)

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.