Our site www.viart.com site is operated by latest Viart Shop 5 with default Clear design
Topic Information
daviswe
daviswe
I am trying to be as secure as possible, and some good advice was offered recently, and that is that you should NEVER put SQL backups, aka DUMPS, in the /db directory that probably contains CC information, and honestly this seems obvious, but I didn't see it for years!
 
In order to fix this, we need to find a way to dump ABOVE THE WEB ROOT where they are safe. SisteLock suggests you do that for good reason. Anything above WEB ROOT will be safe.
 
The problem I see is that the DB Management tool does not allow us to remove old dumps. There are probably dumps laying around with PCI-CC info in them. This has been happening to lots of people who find a customer will complain about getting unauthorized charges on a credit card after buying from your store.
 
SO, I ask VIART Gurus on now how to get rid of the dumps that are out of date or that need to go above the WEB ROOT. Personally, I'd never have more than one unless you do put them above ROOT.
 
This also makes me ask how we can move things above WEB ROOT???
 
I know what needs to be done, just need assist from Viart to guide me and you.
 
Metz
Metz
I manage my dumps via FTP. I don't move them above the web root (as I'm not sure what that means), I just copy the old ones to the back up area of my hard drive and then delete them from the internet.
 
Hope this helps!
 
daviswe
daviswe
How do you get the file from the Viart dump? I can't copy it as it is, so how are you getting access to it?
 
Metz
Metz
I used my FTP program (Ipswitch WS_FTP), went to the db directory, copied them to my hard drive, and then deleted them from my live site.