5 Jan
2006
5 Jan
'06
6:50 p.m.
On 1/5/06 12:41 PM, Karoly Negyesi wrote:
1. Improve the security of a Drupal install by keeping all files private, except for an index.php, no module or include files should be accessible from a web browser
This will not increase security. If .htaccess can not protect you, why would this? And how would we ship the tarball...? Untar this half below documentroot and index.php to documentroot...? /me shakes head
well, users of non-apache (say, IIS, e.g.) servers or those who aren't permitted .htaccess overrides by their hosting providers are a bit screwed relying on .htaccess ... -- James Walker :: http://walkah.net/ :: xmpp:walkah@walkah.net