Geeklog Forums

HI,

I was wondering what i should chmod my config.php?

worried about other people on my server snooping and seeing my mysql access

Cheers

Stevyn

---

------
my geeklog discussion is at:

http://ironfeather.com/cgi-bin/bbs/ik...ct=SF;f=20

according the best suggestions laid out in the install instructions, the directory containing your config.php should not be world readable--meaning it shouldn't be in your public_html dir at all or in any sub-dir therein.

However, not all of us have the pleasure of having access to any dir above our public_html dir... sooooo, the 2nd best option would be to protect that dir using an .htaccess file or something like it provided by your hosting company.

Hi, thanks for your reply.

Yep, I have it in a directory that is below the public view so its not viewable from the web. But I am on a server that hosts many others so I think they are telneted into theior own account and then looking about in other peoples directories on the server.

I think geeklog only reads the config.php and doesnt write to it, so i should be able to chmod it really low i think. if none knows off hand i'll try it real low and see what happens

cheers

---

------
my geeklog discussion is at:

http://ironfeather.com/cgi-bin/bbs/ik...ct=SF;f=20

that setup sounds kinda shady if access is granted so loosely.
anyway, 644 should do you.

yep, looks like 644 is the lowest it can go, i wonder why it cant be 600? why would others need to read it? I tried and it needs 644.

I have been with this server host for years but I am worried now after this hacking action. Maybe change soon.

---

------
my geeklog discussion is at:

http://ironfeather.com/cgi-bin/bbs/ik...ct=SF;f=20

Actually, when your root directory is not readable by others, there shouldn't be a problem with world-readable files below it. I would expect this to be the standard setup for shared hosting.

If, however, you can actually read files in other people's directories, then I would switch ISPs ASAP ...

bye, Dirk