2

I used to use xampp for self hosting a private wiki, but found the hassle of having to start the server, then stop the server really tiring. My next option has been to host a DokuWiki installation on a webhost plan at http://www.siteground.com/

I have set the wiki to private and it does not allow for any users to register. So my question is how secure is this? Here are my questions:

  • At the moment if it got hacked I would not worry too much, but do plan on using it for more personal information at some point (information for ongoing projects that must remain private)
  • Can any 13 year old script kiddie bypass the .htaccess security? How advanced must my attacker be to download all the files?
  • Would you personally trust the web hosting company? Or is it common to have nosy staff members?
  • I was using Evernote but much prefer the layout and control of DokuWiki, is Evernote probably much more secure than a self hosted DokuWiki on siteground's servers?

I like hosting in at my domain because I can access it from anywhere, but the security worries me. If Adobe can be hacked then I can be too, I just want to know how easy is it to bypass Apache server security?

  • What is the weakest link?

Also, if I make the entry url to the wiki a string that has no link is it more secure (So host the wiki at www.mydomain.com/4jfalkh483f849283fh7fh3082hf37/doku.php

If I know that url and bookmark it, but don't have any hyper links to the secret URL does this increase my security at all?

Joseph
  • 819
  • 2
  • 9
  • 16
  • 1
    I don't have an answer for all of your questions, but why not just have your own DokuWiki on your own personal computer (or even from a USB drive). I just checked DokuWiki download page, and they even come with a MicroWebServer that you can have to make it a standalone instance. If you are the only user, then it should not be a problem? – Darius Oct 09 '13 at 07:09
  • Yeah I think you are right, I just liked the convenience of having it online and just a login away from editing. I guess if its not local it's going to be compromised at some point isn't it? – Joseph Oct 09 '13 at 07:14
  • 1
    Considering the current news about some big companies getting hacked, it is the trend, and attack only get better. By the way, since DokuWiki can run standalone on USB stick, you are 1-click away from editing :). Just run the DokuWiki, and open a browser and login. Wherever you have the USB, and (Windows) PC to run it. As soon as you finishes, close DokuWiki, the web server dies, pull the USB, and off you go. Just don't lose that USB. – Darius Oct 09 '13 at 07:21
  • Thanks Darius, Yeah if the large companies are being attacked and even source code now being stolen, what chance do I have being a novice at website security? If someone did target me then I have no chance. I will leave the question open for a while in case anyone has some answers as I am still interested in how secure this stuff really is. But for now I am taking your advice and moving offline. – Joseph Oct 09 '13 at 07:34

1 Answers1

1

Your site is as secure as the weakest link in the chain. How secure is http://www.siteground.com/ in the first place? A 13 year old script kiddie can bypass the .htaccess of a sufficiently outdated apache. You need to ask the question: how carefully do they maintain their systems? Do they comply with the highest security standards? I couldn't find anything about this on their website, so you'll have to ask them.

It's not all about up-to-date systems. Configuration is important too. A poorly designed .htaccess could be the weakest link as well (thinking about basic vs. digest authentication). See How secure is .htaccess protected pages.

I can't say anything about siteground specifically, but in general, you need to remember that admins are humans. Ultimately you'll have to make the decision yourself: do you trust anyone? How bad is it if your data gets out? Is it threatening Mankind? Your life? Or is it just going to be annoying? There is no single answer here, you'll have to build your own.

Community
  • 1
Calimo
  • 1,385
  • 13
  • 18