![[Release] Secured Shaiya Custom Websites](https://www.elitepvpers.com/forum/iconimages/shaiya-pserver-guides-releases/release-secured-shaiya-custom-websites_ltr.gif){kind=small}
Firstly the Security:
* Use of Prepared Statements for protection against SQL Injections.
* Secured Database Connection via PDO, Security and Logging Files are all OUTSIDE the website Directory.
* Session Create. Tracks the session creation time and implements session timeout functionality.
* Session Regeneration. Session ID's are regenerated every 15 minutes. This helps prevent session fixation attacks and enhances session security.
* Cross-Site Request Forgery (CSRF) Protection. Generates and validates User Sessions with unique tokens.
* Content Security Policy (CSP). Mitigates the risk of Cross Site Scripting (XSS) attacks by restricting content locations.
* Secure Error handling used to prevent detailed error messages being exposed to Users.
* User Online Activity is logged, sanitized and then written to a log file. This prevents SQL injection attacks and other security vulnerabilities.
* After a user logs in and out, the code that fetches database data is destroyed, keeping personal information safer.
* Input Validation and Sanitization. Prevents potential vulnerabilities by validating and sanitizing input received from Users.
* Login, Logout and Logged in scripts have Session Regeneration included.
* Other Security I will not mention here for the protection of the website and code.
WEBSITE FEATURES:
* User-Friendly Coding. I have commented a lot of styles for you to change and have the look you want, yourself without coding knowledge.
* Server Time Clock.
* Almost everything has been `included` to keep the site code clean and easy to understand.
* Working Slider with clickable links. Has it's own JavaScript for cleaner code.
* Login / Register Widget. Login and Registration Form will switch depending on users desire. - They have also been hidden while logged in.
* Improved User Account Panel.
* Improved Staff Panel. See below for full details.
* Improved 'Online Players' section. This displays all players online as well as individual races (Human, Elf, Vail, DeathEater).
* A Small Bunch of Animations.
* Social Media Links.
* A Shop (Online version of Capitol / AH Player Shops).
* Calendar Events.
* Account Recovery.
* Members Ticket Portal.
STAFF PANEL:
* Staff Panel will detect the logged in users account and show either GM or Admin Panel, depending on rank.
* Character Search Function.
* Character Management, including Name, Level, Gender Changes, Move to Map - More to come.
* Account Management, including Ban, Unban - Incomplete. More to come
* NEW SPECIAL FEATURE: 'Add Drops' Feature. Set your website Drop List easily via form feature.
* NEW SPECIAL FEATURE: 'Add Quests' Feature. Set your website Quest Guide easily via form feature.
* NEW SPECIAL FEATURE: Guild Management Panel for managing Guild Data.
* NEW SPECIAL FEATURE: Add Events Page. Easily add Events to your Calendar.
* Bank Transfers allows you to easily send Players items vis the Bank Teller.
* Staff Tickets Portal. Admin and GM can reply to Tickets here.
There is a lot more.
The website is ready to go live now. All Security Measures have been taken into Consideration. The website has undergone 2 full penetration and hack tests. (HUGE THANKS you to Beno for this). Both tests came back with no Vulnerabilities.
This site is the most secure site you will find for Shaiya. Free sites have between no and very little security. They even lack the Databases and files required to run them. Even the higher priced websites have Security Vulnerabilities. I know this because I bought one myself, that I no longer use.
Enough said. If you want more info or interested in purchasing this site, contact me on here or discord. Site will be setup 100% as you want, Databases and everything required will be included.
<--- Discord deets up over there
You can view my site live here for an example:
![[ADM]Haydees is offline](images/elitepvpers/statusicon/user_offline.gif){kind=small}
