Menu
▾
▴
Re: [Phpwiki-talk] solution to admin.php problem
|
From: <ph...@de...> - 2001-02-08 16:49:12
|
On Thu, 8 Feb 2001 10:02:42 +0100, you wrote: => Bottom line: there's no way to secure config.php on a shared server if the => web server runs as nobody. <snip, move, cut, paste, etc> => Taken from their security.txt: => If you want to run Phorum on a shared server, you absolutely need to wrap => the scripts... unless, of course, your provider makes all of your scripts => run as your userid. [...] It is a *GoodIdea* if the confidential user, password and servername info etc are kept in a separate "include/require" file, so that folks (such as me) who run Wiki under their user permissions can then move the PASSWORD.INC or whatever totally out from under the document root. Also, if left under the document root, one can use .htaccess to block pedestrian access through the web server to specific files/types. Cheers, - Don |
