Return to Web Site Hosting FAQ
Considering scripts?
Calendars, bulletin boards, photo galleries, form-to-email forms,
shopping carts & similar Internet tools are very popular & very
useful for web sites. These tools almost always require processing
by scripts, which are little software programs that run on your web
site.
General considerations.
While scripts are very useful,
it's important for a web site developer to keep in mind some issues
with using them.
- Scripts generally require quite a bit more
technical knowledge & time to add & maintain than basic web pages.
- Scripts are computer programs,
which inherently makes them much more
vulnerable & attractive to security attacks than basic, static
web pages. Updated versions, patches, or upgrade how-tos for scripts
are often made available by the script's developers, so you may be
able to "easily" plug any holes as they are discovered,
if you monitor the source of your scripts.
- Security problems with your scripts may affect
your site. For
example, the bug
may allow someone else to delete or add content to your web site.
Security problems can also affect others. Form-to-email scripts are
notorious for this type of attack. A poorly written form-to-email
script may allow others
to send spam using your web site without your knowledge, which in
the long-term can create major problems for you.
- Scripts generally
require supporting software on the web server (javascript scripts are one exception). The server must provide
the correct type & version of this supporting software for the
script to function. Examples of supporting software are PHP,
Perl, mySQL, & sendmail.
- Scripts generally can't just be installed
& ignored like basic web pages can. The supporting
software required by scripts is also vulnerable to
security attacks. Upgrades to this software are released &
installed regularly by most server administrators. Some software upgrades may
cause a script to stop functionaly. For example, a calendar script
written for PHP version 3 may not work properly under PHP version
4 or 5. Updated versions, patches, or upgrade how-tos for scripts
are often made available by the script's developers, so you may be
able to "easily" upgrade the scripts so they continue to
work.
Checklist for evaluating script software
- What supporting software is required by the
script & does my site support it? (look for the "Requirements" section on the script's
web site). Contact us if you need help determining whether the web
site you host with us supports the particular version(s) of PHP,
Perl, etc.
- Does the software have an active development
team? Is it a team
or a single person? Check the software's web site for News or Updates.
Are new versions of the software being released
regularly? Do they address security holes? Is the software being upgraded to
stay compatible with newer releases of, e.g., php or mySQL?
Is there an active forum or other user support?
- How frequently are patches for bugs being
released? Does the forum or mailing list suggest these have been easy for others
to install? Can you join a mailing list that announces these updates,
so that you're quickly notified when security patches are released?
- If I pay for software, I won't have these
problems, right? Wrong. Some of the most popular, reputable computer software has
frequent releases to patch security holes that are discovered later.
You merely need to think about how frequently patches are released
for Microsoft's operating systems to understand this.
- If I need assistance installing or maintaining the scripts,
where
will I get help? This varies. If you purchased the software, check
your purchase or license agreement.
Check to see if the script's author provides free or fee-based support.
Check for a mailing list or bulletin board/forum that offers community-based
support that answers your question. Or post the question to the forum..
Locate an expert of your own to make the changes for you.
Scripts you may want to consider:
|
