Security questions before going live.
The client has purchased a new business hosting with 1&1 and we are getting ready to upload to the site using the 1&1 supplied subdomain for testing on a live server before going live with the clients domain name. Any problems with this approach?
So now looking at security issues, which raised a few questions.
1. Any advice on using .htaccess and robots.txt files
2. Which is the most secure way of limiting access to the backend. For convenience, the backend has been accessed by a menu selection while on the local testing server. Is it ok to leave the backend menu selection visible and securely password project it or to delete it from the menu and have some other means of accessing the backend. If so, what is best?
3. Is it worthwhile limiting the backend access to the clients static ip address?
4. Which is the most secure way to control access to the site database through phpmyadmin?