Re: [pLog-General] [ plog-Bugs-986157 ] Gallery file can be accessed without using resserver.php
Brought to you by:
jondaley
From: Nick G. <ni...@so...> - 2004-07-07 00:06:08
|
Two (2) solutions at hand. I currently use #2, its just easier. [1] Config an .httaccess file in the gallery dir [2] Move the gallery folder to a non-public directory. ex: ~/private/gallery as apposed to ~/www_public/gallery. Of course while we are on the idea of security users should also remember to configure mysql to not allow blank users or blank root passwords. Survey reported that up to 30% of public boxes with mysqld running havn't gone past installation to change the default blank root password, or allow blank usernames and passwords for login access. *shrugs* ~ Nick |