-1

I have a website where I have three scripts, django, wordpress and question2answer installed in different subdirectories, uses different databases. All authentication is handled by django and django creates login cookies for wordpress and question2answer(bridge) and logs into entire site without any hacks on wordpress and question2answer side.

What i want to know is generally if one of these gets hacked, then will my other databases and subfolders will be protected. like will the hack be contained within the subdirectory and database or will it be site wide hack.(I mean what is the case in most hack incidents)

one approach to solve this is to move them to subdomains and point to different servers with remote sql allowing database access from django. But some people are of the opinion that moving to subdomains causes problem like we have to work twice as hard for seo building since they are different subdomains? (What is the truth?)

MYNE
  • 343
  • 1
  • 4
  • 15

1 Answers1

1

In general:

If all subdirectories have the same user/group assigned, potentially this could be a problem if one of the systems gets hacked, the hacker gains access to all subdirectories.

If all databases use the same user/pwd combo for each site to access their separate DB you have a potential problem. One site gets hacked and gains access to the DB, it has access to all DB's

Moving to subdomains would only solve the file problem if you don't use the same usr/pwd combo for each subdomain. The DB situation remains the same.

Not sure about the SEO thing, it sounds right. Instead of one domain you would have to take care of three.

Peter van der Does
  • 14,018
  • 4
  • 38
  • 42