[prev in list] [next in list] [prev in thread] [next in thread]
List: phpauction
Subject: [PHPAUCTION] for security
From: moeru () pileup ! com (moeru)
Date: 2000-03-23 11:50:14
[Download RAW message or body]
Hello all.
I'm very interested in this project.
I'll make some little addon programs and upload it when PHPAUCTION is run at my site.
I changed config.inc for security reason.
Current version of PHPAUCTION is crackable.
Already known this?
I can't understand how to use CVS yet.
So I post a little info as follows.
1, Move /includes/ directory without web publishing diorectory.
$pass_dir = "/var/www/PHPAUCTION/phpauction/includes/";
$include_dir = "/var/www/PHPAUCTION/phpauction/includes/";
move to like this
$pass_dir = "/home/user/phpauction/includes/";
$include_dir = "/home/user/phpauction/includes/";
2, Don't use login.php3
/admin/login.php3
And Password Protect /admin/ diretory(Use htpasswd)
Moeru
--PHPAUCTION MAILING LIST
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic