I have been maintaining an active Geeklog 1.5.1 site and recently have had security issues. I now see that the db-config.php file and the folders for "plugins", "system" and "sql" are residing unprotected under public_html. Unfortunately, they are not located in the root directory above. Is there a quick way of fixing this? I also want to upgrade to geeklog 1.8.2sr1. Is there a straight forward way of both fixing the security problem and upgrading to 1.8.2sr1 at the same time?

Thanks, Howard

Yes, you can do that. Make backups (of the database and the config files), upload the new version in a more secure setup (preferably putting the sensitive pieces outside of the webroot or at least within a password-protected folder).

Then run the install script. Instead of upgrade, choose the Migrate option. You can either migrate an existing database or use an SQL file from your backup. The install script will do the upgrade and adjust any paths to the new setup.

bye, Dirk