No application can ever be 100% secure. The following tips will help you keep your environment safe:
- Remove write access for the web server for any files and folders that the system does not require write access to. See Maintenance for a list of these folders.
- Make sure that the system where your web and database servers are installed is always up-to-date. Use the latest release of a PHP version that is supported.
- Anyone with administrator level access in your eFront can install programs using the “Plugins” option. Disable it for administrator users that will not be installing plugins (using custom user types)