Greenguy's Board - View Single Post - Hello! Newbie here with some questions...

raymor · 2006-06-27, 12:11 AM

1. When I upload the members section of the site, should I just upload it all to the
same directory as the rest of the site (the public folder) or is this a security
nightmare in waiting? If this will be a problem then where should I upload it to?

That would be an organizational nightmare as well as making any
kind of security pretty much impossible. As mentioned by others, the whole
members' area typically goes in a directory (folder) called "members/",
but use lots and lots of folders within "members/" as well. Assume that your
site will grow to have 10,000 or more files. You'll want to be able to quickly
find a certain file in order to work on it. So organize well - think about the logical
sections of your site and put each in a different folder. We might have something
like below. Just imagine you are organizing 10,000 different things in your garage
and you needed to be able to quickly find and use any particular item and organize
your files similarly. You'd want small containers keeping a fewer similar items
together, then those small containers would go in larger tubs labeled with what's
inside. You'd put the large tubs together on shelves with auto supplies on one
shelf, painting supplies on another shelf, etc. The shelves would each be part of
a whole shelving unit, so you might have one shelving unit with 8 different shelves
of seasonal goods like Christmas lights and Halloween supplies, then a different
shelving unit with tools, etc. That way you can find your Christmas tree stand
(or your main logo) when you need it. It might look something like this:

Code:

tour1/
       html/
       graphics/
                    banners/
       samples/

members/
              mainnav/
                           graphics/
              pics/
                   model1/
                              html/
                              thumbs/
                              fullsize/
                   model2/
                              html/
                              thumbs/
                              fullsize/
                   model3/
                              html/
                              thumbs/
                              fullsize/
              videos/
                   model1/
                              html/
                              thumbs/
                              fullsize/
                   model2/
                              html/
                              thumbs/
                              fullsize/
                   model3/
                              html/
                              thumbs/
                              fullsize/

...

2. Are there any other simple ways to protect the private members content from
hackers or password thieves?

Strongbox will take care of the crackers and password sites.
See http://bettercgi.com/strongbox/

5. As far as the 2257 stuff goes, we have been getting the models to sign release
forms but as yet we haven't taken copies of ID.

Oops.

Will this cause a big problem?

Not until and unless they arrrest you, or you want to sell your site or some of your
content or when CCBill decides to start asking for 2257 docs or ...
It's not normally a problem, for most people, yet. Having a broken smoke alarm
doesn't NORMALLY cause a problem either.

Is it best to try to contact the models we've used to get copies of their ID?

I would sure do that if you can. I wouldn't be horrendously concerned about it
if you were unable to reach a couple of them. That depends on your personal
appetite for risk.

2006-06-27, 12:11 AM	#5
raymor The only guys who wear Hawaiian shirts are gay guys and big fat party animals Join Date: Jan 2004 Posts: 178	1. When I upload the members section of the site, should I just upload it all to the same directory as the rest of the site (the public folder) or is this a security nightmare in waiting? If this will be a problem then where should I upload it to? That would be an organizational nightmare as well as making any kind of security pretty much impossible. As mentioned by others, the whole members' area typically goes in a directory (folder) called "members/", but use lots and lots of folders within "members/" as well. Assume that your site will grow to have 10,000 or more files. You'll want to be able to quickly find a certain file in order to work on it. So organize well - think about the logical sections of your site and put each in a different folder. We might have something like below. Just imagine you are organizing 10,000 different things in your garage and you needed to be able to quickly find and use any particular item and organize your files similarly. You'd want small containers keeping a fewer similar items together, then those small containers would go in larger tubs labeled with what's inside. You'd put the large tubs together on shelves with auto supplies on one shelf, painting supplies on another shelf, etc. The shelves would each be part of a whole shelving unit, so you might have one shelving unit with 8 different shelves of seasonal goods like Christmas lights and Halloween supplies, then a different shelving unit with tools, etc. That way you can find your Christmas tree stand (or your main logo) when you need it. It might look something like this: Code: tour1/ html/ graphics/ banners/ samples/ members/ mainnav/ graphics/ pics/ model1/ html/ thumbs/ fullsize/ model2/ html/ thumbs/ fullsize/ model3/ html/ thumbs/ fullsize/ videos/ model1/ html/ thumbs/ fullsize/ model2/ html/ thumbs/ fullsize/ model3/ html/ thumbs/ fullsize/ ... 2. Are there any other simple ways to protect the private members content from hackers or password thieves? Strongbox will take care of the crackers and password sites. See http://bettercgi.com/strongbox/ 5. As far as the 2257 stuff goes, we have been getting the models to sign release forms but as yet we haven't taken copies of ID. Oops. Will this cause a big problem? Not until and unless they arrrest you, or you want to sell your site or some of your content or when CCBill decides to start asking for 2257 docs or ... It's not normally a problem, for most people, yet. Having a broken smoke alarm doesn't NORMALLY cause a problem either. Is it best to try to contact the models we've used to get copies of their ID? I would sure do that if you can. I wouldn't be horrendously concerned about it if you were unable to reach a couple of them. That depends on your personal appetite for risk. __________________ Ray Morris support@bettercgi.com Strongbox/Throttlebox & more TXDPS #A14012