Frequently Asked Hosting Questions
All logins to the admin system are handled by our secure server. After login, your session changes to http (by default - you can change this to https if you wish in your preferences).
However, If you are restricting your session to a particular IP address at login, this is unnecessary and may slow down your admin session. A cookie maintains your session ID. If you restrict your admin sesion to a particular IP, all page requests that send this cookie value from an invalid IP address are rejected.
What do you mean, by 'restrict to IP address?
When your computer is connected to the internet, it identifies itself through a unique number called an IP address. This address is of the form xxx.xxx.xxx.xxx, eg:
Normally, your IP address does not change throughout a particular session, so it can be used as an extra security measure to lock down your administration session. If you are unsure whether your Internet Service Provider fixes your IP address (it's a long story, and life's too short to bore you with the details :), you can still safely try to restrict your session. If your IP address changes, you will simply be asked to log in again (and this time you can choose to not restrict the session).
When you set passwords, try to avoid using:
- dictionary words
- any personal information - your name, telephone number, house number, family member/pets names etc
If you really find non-words hard to remember, try taking a word, changing a letter for a number and adding in a punctuation character or two, and capitalizing a letter. For example:
If you change the file permissions in the file manager program, the script will warn you if the changes may have security issues. Certain PHP or FrontPage files may throw up warnings because of the way they are implemented.
File permissions define who can read or change a file and, in the case of scripts, who can run it. Some CGI scripts that you may want to install on your web site may have very lax instructions security wise. The instructions may assume that scripts are run as user 'nobody' by the web server, and tell you to set file permissions to 755 and 666 for scripts and data files respectively. However, under our server setup, scripts are run under your own username, so you can set the permissions to 700 and 600 respectively.