Forums / General / urgent...security issues!
kevin wei
Tuesday 11 January 2005 10:34:26 pm
i in stall ez on a non-virtual host, and i cannot put .htaccess under my root folder, which will cause i cannot access the whole site, so i change all file's name under settings to xxx.ini.php.to my surprise, i can see all contents by http://xxx.com/settings/xxx.ini.php
how can i protect these file from accessing by http protocol?
thanks!
Gabriel Ambuehl
Tuesday 11 January 2005 11:59:22 pm
Sounds like a misconfiguration of the webserver. You should talk to your webhoster.
Visit http://triligon.org
Wednesday 12 January 2005 12:24:55 am
yes, but i cannot ask him changed for me, do there have any other way can make it securty.i found i can not access xxx.ini.append file, so can i rename all ini files under settings to ini.append or delete theme all, only left files under override and siteaccess.
thx
Björn Dieding@xrow.de
Wednesday 12 January 2005 1:51:17 pm
if
http://xxx.com/settings/xxx.ini.php files are readable and you cannot place a .htaccess there is no hope for you :-)... Still liek said before talk to your host
another idea could be to place a .htaccess in setttings/
also remove the runcronjobs.php
Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs Looking for hosting? http://hostingezpublish.com ----------------------------------------------------------------------------- GMT +01:00 Hannover, Germany Web: http://www.xrow.com/
Script start
Module start 'content'
Module end 'content'
Script end
Time used to render debug report: 0.0001 secs