No application can ever be 100% secure. The following tips will help you keep your environment safe:

• Remove write access for the web server for any files and folders that the system does not require write access to. See Maintenance for a list of these folders.
• Make sure that the system where your web and database servers are installed is always up-to-date. Use the latest release of a PHP version that is supported.
• Anyone with administrator level access in your eFront can install programs using the “Plugins” option. Disable it for administrator users that will not be installing plugins (using custom user types)