MDDB Security

The Morris Dance Database is an ongoing project and will always be subject to updates and additions. To allow timely updates, various individuals can log in to update information relating to their own interests (e.g. teams or morris organisations)

There may be some security concerns: those are addressed here.

Backups

All server data is backed up daily to local storage from which retrieval is quick and simple. Identical backups are also made to an offsite server. Both backup schemes currently retain the last 10 daily backups, 4 weekly backups and 6 monthly backups.

Password Encryption

Password security uses current best storage practice with strong password hashes. Passwords are never sent by email. Dictionary words or known commonly used passwords are not accepted. Passwords can not be recovered from their stored information (if you forget your password, you have to create a new one.)

Link Encryption With SSL

All connections to the web site are through an https: URL, which means that all data passing to or from the site (including but not limited to passwords) is encrypted and cannot be read or modified e.g. by intercepting an unsecured WiFi network.

Online Testing

The server and site have been checked with the free online site security checker at SSL Labs with an A+ rating.

SQL injection attacks and Hacking

The site is resistant to common attack vectors such as SQL injection and cross site scripting.

Availability

Hosting is provided by Bitfolk, a small provider based in London Telehouse North that specialises in outstanding technical competence and good value hosting for experienced users. The server has duplicated file storage and is a virtual server that can be seamlessly migrated (downtime in minutes) if a hardware failure occurs.

Anahata
Webmaster
Treewind Hosting
Last updated 10 April, 2023