From: Andrew B. <an...@hg...> - 2001-04-22 12:01:20
> > I didn't understand step 5, and step 6 you can probably skip.
>

Step 5 simply means that you should create a .htaccess file in the admin directory. This will not prevent users from executing (i.e. including) the config files, but it will prevent Apache from "handing" the files out to users who request:

    http://www....com/sql-ledger/admin/config

Step 6 would probably be needed if the system has a number of "local" user accounts.

Step 7 is also absolutely critical! If your SQL-Ledger/Apache server is also your PostgreSQL server, use the following line in pg_hba.conf:

    host myledgerdb 127.0.0.1 255.255.255.255 password

(assuming your database for SQL-Ledger is myledgerdb)

Be sure NOT to have a line like this in the file:

    host all 0.0.0.0 0.0.0.0 trust

Step 8 is entirely about how granular your security control needs to be. Implement it to suit yourself.

BFN
Andy
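
An added example, not part of the message above or of SQL-Ledger: a Python check over pg_hba.conf `host` records in the five-field layout quoted in the message. It assumes the single-server setup described there, so any record that is not loopback-only is reported; the function name and the sample file contents are constructed for illustration.

```python
import ipaddress

# Constructed sample in the "host DBNAME IP_ADDRESS ADDRESS_MASK AUTHTYPE" layout.
SAMPLE = """\
# constructed sample, not taken from a real server
host  myledgerdb  127.0.0.1    255.255.255.255  password
host  all         0.0.0.0      0.0.0.0          trust
host  myledgerdb  192.168.1.0  255.255.255.0    trust
"""


def audit_pg_hba(text):
    """Return (line_number, issue) pairs for risky host records.

    Issues: "malformed"      - fewer than five fields or a bad address/mask
            "trust"          - connections are accepted without a password
            "remote-allowed" - the address/mask matches more than loopback
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if fields[0] != "host":
            continue  # only TCP/IP "host" records are examined here
        if len(fields) < 5:
            findings.append((lineno, "malformed"))
            continue
        _db, addr, mask, method = fields[1:5]
        try:
            # strict=False lets host bits be set in the address field
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            findings.append((lineno, "malformed"))
            continue
        if method == "trust":
            findings.append((lineno, "trust"))
        # Assumption: web server and database share one machine,
        # so only 127.0.0.0/8 should ever be permitted.
        if not net.is_loopback:
            findings.append((lineno, "remote-allowed"))
    return findings


if __name__ == "__main__":
    for lineno, issue in audit_pg_hba(SAMPLE):
        print(f"line {lineno}: {issue}")
```
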