deny from all
It’s written to give new XOOPS'ers a chance to make, with a few changes, a secure installation even more secure. We believe, that existing users also can use the guide, for securing an already installed XOOP website.
This guide is written for XOOPS version 2.3.3RC as Core-version.
If you are still using WF-Sections v1+ and v2+ then I suggest that you read this please.
It has come to my attention that there is a few very bad security exploits that some people could use to gain access to your website. I suggest that all users of this module should either:
1. Deactivate the module for the time being (recommended) or..
2. Renaming XOOPS_ROOT_PATH/modules/wfsections/ratefile.php and print.php.
I am now in the process of doing a full audit of all the WF-Sections code and closing these and all possible security risks that may arise in the future.
I will keep you all posted on an update.
John (AkA Catzwolf)