How to tell your customers your website is save and secure? You can use OWASP
I found this page on the DNN website: https://www.dnnsoftware.c...st-owasp-top-10-2013
Does someone have a more recent version or where can I find this?
Willem,
I use the following (amongst other steps):
Use certificates, and force HTTPS. Read Why EVERY site should be secured by HTTPS.
Read and follow 7 Tips to Protect your DNN Website from Ransomware.
Read and follow Tip 1: Never put Web-Files on Drive C - Harden DNN against Ransomware Attacks and future articles from this series.
To secure your database I recommend to read and follow this article: Secure your DNN database by some simple steps.
You should never ever open a port on your web server that is not needed - esp. do not allow anyone (and if they are the best tech-persons amongst your clients and really know what do do) to access the SQL Server from their computers. Get rid of FTP (except you can use SFTP - and don't confuse it with FTPS).
There are companies that do security audits. They have employed hackers who know where to look. If your customers really want to be save, they should take money into their hands and engage them.
And: stay up to date. Windows XP Service Pack 3 was secure when it was deployed.
Happy DNNing! Michael
Michael TobischDNN★MVP
These Forums are dedicated to the discussion of DNN Platform.
For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:
Awesome! Simply post in the forums using the link below and we'll get you started.