In the past year I have done a lot of exploring with my site, installing and uninstalling programs to test them out. As a result there is a lot of debris in my site - folders and files that I am not sure what are for. I also am at a point where I am only using my site for email and moodle right now.

After I nuke it, do you have any suggestions for setting things up in such a way that would minimize hacking, etc?

Hi,

It's hard to do this without knowing what your intent for the site is. Why don't you give a general overview of what you would like the site to look like? What capabilities and features would you like to have? Who do you see as the site users? What do you mean be "minimize hacking"?

Regards

In the past year I have done a lot of exploring with my site, installing and uninstalling programs to test them out. As a result there is a lot of debris in my site - folders and files that I am not sure what are for. I also am at a point where I am only using my site for email and moodle right now.

After I nuke it, do you have any suggestions for setting things up in such a way that would minimize hacking, etc?
If you really want to start from scratch, I'd suggest contacting Bluehost support. They can set your account back to its defaults in a matter of minutes.

Thanks! I have contacted BH and they are ready to "drop the bomb" at my say :) I am backing up all of my data now, though am having trouble finding a way to back up my pics from coppermine.

I need my site to be able to do the following:

- email (I use Horde right now because of the variety of tools it has but I am open to change if something is more "secure") I am downloading all of my emails to outlook now so the functionality of the webmail software may not be as important in the future.

- I am setting up Moodle (online education software) now to assist me in my teaching Job in China. Right now I have 70 students who will use it. I plan on developing a module to help students prepare for national exams, which would give me hundreds of users. One year later I want to start experimenting with video and audio in my lessons. I need students to be able to download files from this site to help with their lessons.

- I have a wordpress theme with 5 main articles that I want to install.

- I use phplist to send an e-letter out once a month. I have read that php is prone to security issues. I would be happy to use any program that will let me send e-letters and will also import/export that address file from a csv file. I expect (hope) my addressbook will grow to several hundred in a couple of years.

- I use coppermine to store pictures. I will be the only one who has the right to upload pics. I have 2 kinds of users. One can download and one cannot.

- I may have the need to do websites though WP seems to be filling that gap for me right now.

- I am also looking at forum software to develop a forum for English teachers focused specifically on linguistics and teaching methodology.

- As a part of the above functions I will need to be able to send out files to people. I would like this to be done in a password protected environment but something that could be done without my intervention. I am thinking that forum software would be the easiest way to do this - I think it has a way to store files online and allow privileged users access to the files.

Security? I also don't know - I am just getting to the point that I can use these apps with a small amount of proficiency - still haven't got the webmaster thing down yet...just know that for a few days I could not access my e-mail via webmail because of some malware warning - I still don't understand why it kept me from accessing my webmail :( Three years ago I had someone hack my webpage.

I am open to suggestions to software that will perform these functions that is "more secure" or ways of implementing the apps that are "more secure". I also welcome links to pages or posts, or even printed matter, that will educate me - especially cherish sites that are more like "internet security for dummies" kind of sites. BTW, I use AVG now for Antivirus protection. It seems that pc security is a part of the picture.

What version of Coppermine are you currently running? I'd like to take a look at your site and inspect a few things for your benefit. A link would be helpful. If you don't want to post it, you may PM me.

To backup your Coppermine, use FTP to copy your /gallery (or whatever it's named) directory to your computer. You'll also need a copy of your mysql database if you plan to restore it. If you only want to backup the pictures, just copy the /albums directory to your computer.

And because Coppermine is a very popular application, it's also amongst the most targeted. The gallery may have been the point-of-exploit to your server and should be inspected before you copy it to your computer.

You should also run a full system scan with a virus scanner and malware scanner.

pengyou:

If you use the cPanel Full System Backup, this will grab all of your databases with the necessary data to rebuild them, and all of your scripts and data stored in them, including the photos in coppermine. These scripts can then be selectively restored later.

Once you create the backup you will get an automated email from Bluehost telling you that it's complete. Using your favorite FTP client, download that backup to your local computer, and then make a copy of it.

Once you get your site reset back to default you can then start rebuilding.

Thanks! I use the most recent version of CM. Unfortunately I have already pulled it down, although, to be honest, in the past I have never let it be for public use but for in house purposes - I never did anything with it on a website, just used the mechanics of the software.

I will try the back up utility

Thanks again!

It sounds like most of what you need centers around the Content Management System (CMS). There are several options here for you to think about.

Some good CMS options are:
1. Sharepoint. This is a Microsoft product. I haven't used it, but I've seen it used and it looks pretty cool. There is a cost, and I'm not sure exactly what it is.
2. Drupal. This is free and open source. Not as cool looking as Sharepoint, but if it gets the job done it may be the right thing. Also, you may be able to make some mods to improve it.
3. Google. I heard recently that Google has a pretty good site for CMS. This may be the least flexible and your content wouldn't be under your direct control.
4. Do it yourself. It sounds like you have the experience to do this yourself if you wanted to.

Also, depending on the experience of your students, you may want to enlist their help.

Thanks! CMS...you are the second or third person who has suggested that to me. It seems to me that CMS is a hybrid of database and blog/webpage. Is that a pretty close idea? But how secure are they?

Think of a blog/website and a CMS as related, but not identical. And, they would be two different aspects of your website.

A CMS is used to upload, download, store, track, and manage access to electronic documents or other content.

A blog is a type of content management system (CMS). It is basically a website that you post editorials and articles to. Often, readers can post comments to each article. They are usually listed in reverse-chronological order.

I suggested a CMS because you said:


- As a part of the above functions I will need to be able to send out files to people. I would like this to be done in a password protected environment but something that could be done without my intervention. I am thinking that forum software would be the easiest way to do this - I think it has a way to store files online and allow privileged users access to the files.


It sounds like what you want will be a complex website consisting of:
- a forum
- a CMS
- a blog
- an entry point

You could probably continue to handle the e-mail with Horde.

Also, what version of Coppermine are you running? If you're running cpg1.4.25 or older you need to update. Like JND said, Coppermine is popular and popular applications are often a target for malware.

Pretty much any software package is subject to this problem.