12
Quote:
PM Sent: 2007/4/17 18:58:27 ...by Steve
_______
DB setup
BlueStocking -
Yes, the DB name, username and password are important for security. It is also important to follow the recommendation to move this information out of the web root (just like the Protector folders) - read the Security Checkpoint post and the articles linked there
I'll post a general reply in the topic.
Steve
_________________
Thank you Steve...
Now that I have my VERY STRONG user name and DB name and passwords... I am ready to proceed.
I have checked and I am using the most current XOOPS version.
Anonymous ftp access is not allowed.
I have an .htaccess file
My MySQL doesn't allow for 'anonymous' users.
I note here you recommend creating another user with limited permissions. Would you explain why that would be desirable. I don't understand the purpose for that move.
RE:
register_globals, safe_mode, and allow_url_fopen
I will assume for the present that these are all vulnerable
how will I correct that through the .htaccess? I will need to be led through the protector install.
Not tonite but later....
For now, thanks... and we shall continue
if you be willing.
BlueStocking
