Is my website really safe 100%?

Regular Joined: Jan 16, 2009 Posts: 91

I want to know. Please reply and thank you very much.

Posted: Tue Jan 20, 2009 6:22 pm

No web site is EVER 100% safe and it depends highly on you keeping up on regular updates that are posted and not just on the core *nuke software, but any and all add-ons / hacks that you add to it. Security is the responsibility of each and every one of us site owner/admins.

I can also tell you that if you are using the basic PHP-Nuke with none of the security patches from NukeResources, then you are inviting issues as PHP-Nuke is a very insecure piece of software. RavenNuke(tm), on the other hand, is a far better choice and you get excellent support for it here on this site, plus regular updates. (You none of these things from the PHP-Nuke site.)

Posted: Tue Jan 20, 2009 6:35 pm

I am running Raven Nuke through. I can give you my link over pm if you want to check my security. Is that ok with you?

Posted: Tue Jan 20, 2009 8:03 pm

No-one but yourself can "check my security". The core RavenNuke(tm) distribution is very secure. But, what you add to it, might not be, as well as your host account. It is not something that any one of us is going to take on to review your site as there are too many variables involved in order to "certify" your site as such. RavenNuke(tm) is provided with no warranties whatsoever, just like any other GPL program; use at your own risk. But, as far as *nuke variants go, it is one of the best in terms of security. Just a personal opinion.

Posted: Thu Jan 22, 2009 2:07 pm

I know of numerous nuke sites that have been hacked, including one that I was a member of (though, not an admin). I tried multiple times to get them to upgrade the security, and even offered to take over the website admin to do it myself. They completely lost 2 1/2 years of forums, and about 400 registered users, since they also did not make backups and their host either did not have a backup or was unwilling to help them out, or they just didn't want to bother. Who knows.

I been running RN for roughly 3 years, I think, and always keep up the NS updates and all other patches, without any problems - though many, many have tried. Thanks guys.

Posted: Thu Jan 22, 2009 4:04 pm

Let's just be clear about what was implicit in M's note when he said "as well as your host account". *Nuke (whether it be Ravennuke or anyotherNuke) is just part of the security picture. Your hosting account is a major part. Your fellow admins can be part if they don't have secure passwords or are sloppy or use public computers. Whether you know where your backups are and how often they are taken and have procedures in place to restore from them is part. What happens in the data center is part ... whether it be sinister or just incompetence. It's the total picture that counts when you assess security. RN combined with Sentinel could be absolutely perfect (I mean 100% with absolutely no bugs or holes that could be exploited). You could still get hacked tomorrow if someone could get your hosting account username and password.

Involved Joined: Sep 15, 2008 Posts: 352

I agree nothing is 100%... If you care enough about what your doing I would backup your database using cron at least 4 times a day and also your files.. If by chance you do get hacked you still have all your hard work saved. Raven Nuke is very secure more then say Joomla..