Contribute and website security
19
Related topics:
•
“Understanding network and server permissions” on page 9
•
“Secure FTP” on page 14
•
“Contribute user roles” on page 17
Web page rollbacks
Rollbacks let you revert to a previous version of any published web page, providing you with a
level of file recovery. You do not have to roll back to the last published version; you can select any
version that Contribute has saved as a rollback file.
When you roll back to a previous version of a page, Contribute reverts to the previous text
contained in the version of the page you select. However, any assets imported into the page may
or may not be recovered. For example, suppose you update an image file outside of Contribute
and then replace the original image with another image using the same filename. In this case,
Contribute cannot roll back to the previous version of the image because Contribute does not
manage assets outside the web pages it creates.
Contribute does maintain the older version of an image if you use Contribute to edit the image in
an external application. Contribute considers images, Microsoft Word documents, and other
content that you edit in an external application as
assets
. You can roll back assets that you’ve edited
through Contribute the same way that you roll back pages.
For example, suppose you roll back from version C of a page to version A, and you used
Contribute to edit an image in version B. When you roll back to version A, you will not see the
current version of the image. You need to also roll back the image, independently of the page
rollback.
To learn more about rollbacks, see “Enabling and disabling rollbacks” in Macromedia Contribute
Help.
Restricting access to administrative folders
When you create a site connection, Contribute creates special files that are stored in folders whose
names begin with an underscore (such as _mm, _baks, and _notes). These folders may contain
files with user names, e-mail addresses, previous versions of web pages, and other types of meta
information used by Contribute. The underscore allows Macromedia Dreamweaver and
Contribute to distinguish between those folders and the other folders in your site.
Contribute and Dreamweaver use this naming convention to filter these special files and prevent
them from appearing in the Dreamweaver Site panel and in the Contribute Remote File Browser.
These hidden folders can’t be browsed, overwritten, or inadvertently altered by users.
Additionally, some search engines and automated programs are designed not to return pages
found in folders whose names begin with an underscore.
To ensure that these folders and files remain protected, review the configuration of your web
server software and make certain that you block HTTP access to folders whose names begin with
an underscore ( _mm, _baks, and _notes), the MMWIP folder, and files identified by the file
extensions .lck, .mno, .bak, .lbi, .csi, and .dwt.
