Security issues
The TT Web Site Manager stores its passwords as MD5 hashes. Note that MD5 is a hash function, not encryption: the original password cannot be recovered directly from the stored value, but MD5 is fast to compute, so short or common passwords can be found by brute force or by lookup tables. In addition, once a login has been processed it is tied to the individual session with a random key which expires after 2 hours without use, or at logout, whichever comes sooner. This is intended to provide an acceptable level of security for a product visible from the web, but there is no guarantee that it will remain sufficient in the future.

As with any piece of software running on a machine that can be connected to the internet, it is necessary to make a TT Web Site Manager installation as secure as you can. The security of your TT Web Site Manager ultimately depends on the security of your web server and database server, which is beyond the scope of this document, but there are some things you can do to minimise the risks.

The easiest way to minimise the exposure of your TT Web Site Manager is not to install the management scripts on a web-visible server at all. To serve web pages, all a TT Web Site Manager installation requires are correctly installed copies of build.php and ttbuild_lang.php; none of the other files need be installed there. All the management can then be done from a separate installation that is not visible from the web, perhaps even on another web server, using the same database server.

In most cases, though, you will have to install the TT Web Site Manager scripts somewhere visible from the web. If the facility is available to you, expose the TT Web Site Manager scripts only over an SSL (HTTPS) connection, so that logins and management traffic cannot be read or altered in transit.

Exercise caution with your administrator login passwords and permissions. Most users will only require page manager and item manager rights, because once a site has been set up these are all the rights required to develop pages on a TT Web Site Manager installation. User manager and SQL user rights should only be given to those who need them.
Never trust PHP variables which come from outside your code ($_GET, $_POST, $_COOKIE, $_REQUEST and the like). Always validate form variables against what they are supposed to contain before using them. If a form variable must be used in a piece of SQL code, either bind it through a prepared statement, or enclose it in single quote marks and escape it with the database driver's own escaping function, so that quote characters and other special characters cannot be used as the basis for an SQL injection attack. Rejecting a value that fails validation is safer than trying to strip the offending characters out of it.
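The following is an added example illustrating the advice above; it is not code from TT Web Site Manager. It contrasts the vulnerable pattern (interpolating a form variable into SQL) with the two safe approaches: validate, then quote and escape; or validate, then bind through a prepared statement. The table name tt_items, the columns item_id and item_name, and the connection details are assumptions made for the example, and the hostile input strings are constructed, not captured from a real request.

```php
<?php
// Added example, not part of TT Web Site Manager. Table and column names
// (tt_items, item_id, item_name) and the connection details are assumed.
declare(strict_types=1);

// Constructed samples of what $_GET / $_POST might carry from a browser.
$hostileId   = "1 OR 1=1; -- ";          // turns "WHERE item_id = 1" into "match everything"
$hostileName = "O'Brien' OR '1'='1";     // breaks out of a single-quoted string

// 1. Validate: decide what the value is supposed to be and reject the rest.
function validate_item_id(string $raw): ?int
{
    // FILTER_VALIDATE_INT returns false unless the whole string is an integer.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function validate_item_name(string $raw): ?string
{
    // Allow only the characters a name legitimately needs, and cap the length.
    return preg_match('/^[\w .\'-]{1,64}$/', $raw) === 1 ? $raw : null;
}

// 2a. Vulnerable: the untrusted value is dropped straight into the SQL text.
function vulnerable_query(string $raw): string
{
    return "SELECT item_id, item_name FROM tt_items WHERE item_id = $raw";
}

// 2b. Hardened as the text describes: validate, then single-quote and escape.
//     real_escape_string escapes quotes, backslashes, NUL, CR and LF for the
//     connection's character set; the surrounding quotes are still required.
function quoted_escaped_query(mysqli $db, string $raw): ?string
{
    $name = validate_item_name($raw);
    if ($name === null) {
        return null;                      // reject rather than try to repair
    }
    return "SELECT item_id, item_name FROM tt_items WHERE item_name = '"
         . $db->real_escape_string($name) . "'";
}

// 2c. Preferable: a prepared statement keeps data and SQL separate, so there
//     is no quoting decision to get wrong. Requires the mysqlnd driver for
//     get_result(), which is standard in current PHP builds.
function prepared_lookup(mysqli $db, string $rawId): ?array
{
    $id = validate_item_id($rawId);
    if ($id === null) {
        return null;
    }
    $stmt = $db->prepare('SELECT item_id, item_name FROM tt_items WHERE item_id = ?');
    $stmt->bind_param('i', $id);          // 'i': bind as an integer
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Usage (assumed connection details; replace with your own):
// $db = new mysqli('localhost', 'tt_user', 'secret', 'tt_site');
// var_dump(validate_item_id($hostileId));        // NULL: rejected before any SQL
// var_dump(validate_item_name($hostileName));    // NULL: quote pattern rejected
// echo vulnerable_query($hostileId), "\n";       // shows the injected WHERE clause
// var_dump(prepared_lookup($db, '42'));          // single row or NULL
```

Validation comes first in both safe variants because escaping only protects the SQL text; it does not stop a numeric field receiving a letter string or an over-long value. Where the value is a number, validating it to an integer and binding it with 'i' removes the quoting question entirely.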