[development] let's cleanup /misc
James Walker
walkah at walkah.net
Thu Jan 5 17:50:48 UTC 2006
On 1/5/06 12:41 PM, Karoly Negyesi wrote:
>> 1. Improve the security of a Drupal install by keeping all files
>> private, except for an index.php, no module or include files should be
>> accessible from a web browser
>
> This will not increase security. If .htaccess can not protect you, why
> would this? And how would we ship the tarball...? Untar this half below
> documentroot and index.php to documentroot...? /me shakes head
>
well, users of non-apache (say, IIS, e.g.) servers or those who aren't
permitted .htaccess overrides by their hosting providers are a bit
screwed relying on .htaccess ...
--
James Walker :: http://walkah.net/ :: xmpp:walkah at walkah.net
More information about the development
mailing list