is there a way to not allow any of my clients of shared web hosting to not to use the mmcache() to disable/enable the caching??
I am working on this problem. The solution will be available in release 2.3.18.
Glad to hear that. Maybe you can add user/password to login for admin so no one can see all the path of caching files.
Now I implementing a HTTP based autentication in mmcache(), the name and encrupted password will be located in php.ini.
What do you thing about this decision?
Is it secure?
What do you think about this logic:
- with PHP safe mode, you just can use MMCache to cache script and nothing from the API,
- without, you can use anything you want.
This would differentiate shared HTTP servers behaviour from private ones.
Not all shared web servers use safe mode. I think it's better not to trust safe mode too much.