Welcome, Guest. Please Login or Register.
November 25, 2024, 01:29:10 AM
Home Help Search Log in Register
News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!

YaBB SE Community  |  English User Help  |  English Help  |  Securing Yabbse? « previous next »
Pages: [1] Reply Ignore Print
Author Topic: Securing Yabbse?  (Read 5423 times)
sosidge
Noobie
*
Posts: 11


I'm an alpaca!

Securing Yabbse?
« on: March 23, 2004, 11:11:49 PM »
Reply with quote

YaBB SE Version: 1.5.5
PHP Version: 4.1.2
MySQL Version: 3.23.x
Server Platform: Unix, Linux, or BSD
Link to Forum: www.rc-direct.co.uk/forum

Problem Description:
Something's been bothering me...

Since some of the files with important info (e.g. settings.php) are stored in the root directory of YaBBSE, is that not a security risk?

Could a user who knows the software quite easily access those files and learn the database details, for example?  Then maybe hack from there?

Or am I just being a dumb amateur coder???? (probably this).
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830


ICQ - 179721867unknownbrackets@hotmail.com WWW
Re:Securing Yabbse?
« Reply #1 on: March 23, 2004, 11:16:23 PM »
Reply with quote

Unless they gain access to your server, they shouldn't get access to Settings.php.  PHP won't show the source code unless you tell it to.

-[Unknown]
Logged
sosidge
Noobie
*
Posts: 11


I'm an alpaca!

Re:Securing Yabbse?
« Reply #2 on: March 23, 2004, 11:31:53 PM »
Reply with quote

Relief! Combined with a little embarassment...

Thanks again for your help.
Logged
Pages: [1] Reply Ignore Print 
YaBB SE Community  |  English User Help  |  English Help  |  Securing Yabbse? « previous - next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
© 2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.1.4 © 2023, Simple Machines
Valid XHTML 1.0! Valid CSS

Page created in 0.065 seconds with 21 queries.