Welcome to Geeklog, Anonymous Friday, November 22 2024 @ 01:40 am EST

Don't forget to secure your installation

  • Wednesday, March 20 2002 @ 08:25 pm EST
  • Contributed by:
  • Views: 8,161
Geeklog
Assuming that one has not implemented any WebServer based or file access security changes:

The default install of Geeklog does not secure the installation and will leave your admin/install/install.php file open for anyone to access. I Recommend a few things

  • Remove access rights to the directory
  • Change the name of the install directory
  • Configure webserver security - e.g. Use apache .htaccess
  • All of the above

    Doing a little check before submitting this note, 50% of the sites I checked have open access to install.php. I debated about posting this, in case someone thinks this would be their idea of fun. Hopefully, it will be seen as a reminder to secure our installs - as anyone that has installed GL will know the default install path.

    A recommendation would be for GL to include a install feature like Gallery that will secure all access and redirect anyone without proper authentication to the main page.

    Cheers,
    Blaine