How can i hide the user & pass info ?
wget xxx.forum/config.php ??????
Please need help
config.php
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
-
cyberCrank
- Registered User
- Posts: 560
- Joined: Wed Jan 28, 2004 3:38 am
- Location: Ethereal Bliss
Re: config.php
But still maybe wise to .htaccess and/or chmod block it IMO for other less obvious reasons...
Re: config.php
If you really want to be secure delete the file.
Oh, forgot to mention that the board will stop working then, but for the rest, there are no other side effects
Oh, forgot to mention that the board will stop working then, but for the rest, there are no other side effects
-
-
mansuetus
- Registered User
- Posts: 130
- Joined: Sun Dec 07, 2003 8:02 pm
- Location: Paris, France
- Contact:
Re: config.php
More seriously,
if something appears when You access via the webserver to config.php, then you should enable PHP4 or PHP5 mod !
if something appears when You access via the webserver to config.php, then you should enable PHP4 or PHP5 mod !
Petite publicité pour mon site : on présente des horoscopes qui tuent, on propose des tests,
et si tu cherches bien, tu verras même un phpBB
viens sur spontex.org !
et si tu cherches bien, tu verras même un phpBB
viens sur spontex.org !
-
uranusalien
- Registered User
- Posts: 32
- Joined: Mon Oct 27, 2003 4:48 pm
- Contact:
Re: config.php
It might be wise to put in this .htaccess, that way if PHP gets accidentially disabled it's still protected:
<Files "config.php">
Deny from all
</Files>
<Files "config.php">
Deny from all
</Files>
-
cyberCrank
- Registered User
- Posts: 560
- Joined: Wed Jan 28, 2004 3:38 am
- Location: Ethereal Bliss
Re: config.php
ditto that as noted in bolduranusalien wrote: It might be wise to put in this .htaccess, that way if PHP gets accidentially disabled it's still protected...
** when PHP falters, then the content of any accesible PHP file (critical or otherwise) is exposed unless blocked; maybe a rare occasion if at all, but precaution is prudence for the wise... **cyberCrank wrote: But still maybe wise to .htaccess and/or chmod block it IMO for other less obvious reasons...
-
Martin Blank
- Registered User
- Posts: 687
- Joined: Sun May 11, 2003 11:17 am
Re: config.php
I seem to recall that you can also put the main config.php file (or, for that matter, any other file) outside of the web-accessible location, and have your config.php file read:
require "/home/user/safezone/config.php";
That way, there may be a loss of path information, but the passwords are still outside of casual reach.
require "/home/user/safezone/config.php";
That way, there may be a loss of path information, but the passwords are still outside of casual reach.
You can never go home again... but I guess you can shop there.
-
Black_Hole
- Registered User
- Posts: 10
- Joined: Sun Oct 10, 2004 3:45 pm
Re: config.php
you could also chmod config.php to 700, or 400. However 400 will cause errors if phpbb tries to write to config.php... which is only in upgrades and installations if i am correct
Re: config.php
you could always as well try changing the name to something else. Just make sure however to chance the name of the file inside common.php as well.