I am the proud new owner of a Feng Office. What the heck if Feng Office, you may be wondering? It’s an amazing collection of modules that organize all of your records, correspondences, emails, documents, and tasks. I won’t get into “what is it” on this post as much as mentioning a few security suggestions if you implement this suite of office tools.
First of all, make sure you are using a secure website. By secure, I mean use HTTPS in your URL. If you don’t then scumbags who are sniffing your packets will be able to read your data. That is bad. Get SSL encryption on it immediately and don’t worry about it being a self-signed certificate. If it’s your own site then you know it can be trusted. The data is just as encrypted, either way.
Secondly, if anyone knows the Feng Office file structure, then they know that they can just add the directory “/upload” to the end of your site name and start hunting for your personal data. Why? Because Feng Office stores your emails in a directory. Well, that’s bad news if you want privacy, so there is a necessary step to protect you.
Go to your Feng Office directory and open up the .htaccess file, add the line:
with a line break at the end, so that the file ends on a blank line.
After that, your privacy cannot be compromised.
Any other suggestions? Place them in the comment section.