antonbartolo Posted November 26, 2003 Posted November 26, 2003 my configure.php lies in the .../catalog/includes directory. The file is -rw-r--r-- and the two directories are drwxr-xr-x Does this mean that anyone with bad intentions can go in and read my configure.php file? The reason I worry is that the file contains values for: DB_SERVER DB_SERVER_USERNAME DB_SERVER_PASSWORD DB_DATABASE In other words, if somebody reads it he/she will have full access to my database to do with it whatever they want. If my worrying is correct, is there a way to prevent this. I have not managed to find anything on this in any forum. Anton
FIMBLE Posted November 26, 2003 Posted November 26, 2003 hi, The includes directory has a .htaccess anyhow, if you try to link to it through http it will give you a error, it is just a safe guard. there are some who could get to it but most people do not know how if you chmod it to 644 or if windows to read only this will protect it. Sometimes you're the dog and sometimes the lamp post [/url] My Contributions
antonbartolo Posted November 27, 2003 Author Posted November 27, 2003 ... there are some who could get to it .... Now that worries me even more! But I guess I'm just being paranoid! After all, who would want to get into my configure.php, find the info to access my database and go in and read all the data there, possibly changing some of it so that I'm suddenly selling Jonny Wilkinson posters at 1p a piece! Anton
Recommended Posts
Archived
This topic is now archived and is closed to further replies.