1 post • joined 30 Sep 2009
Re:PCI is crap
While I am not the standards biggest fan, I have to question what you said about Plesk CP.
As I understand Plesk to work, it would not matter that it is running on a different daemon. It provides significant (complete?) control of the website and therefore is a security risk. If it were compromised it would be a serious threat to the site's security. How you can conclude this has 0 relevance to a site is beyond me.
Appropriate controls should be put on any administrative function. This includes, amongst other things, using strong ciphers, restricting public access and/or using two factor authentication.
- +Comment 'Private Facebook' Ello: There's a reason we're in beta. SPAMGASM!
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'
- WHY did Sunday Mirror stoop to slurping selfies for smut sting?
- Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
- Third patch brings more admin Shellshock for the battered and Bashed