21 Mar
2006
21 Mar
'06
1:27 p.m.
Jon Daley wrote:
On Tue, 21 Mar 2006, Colin Alston wrote:
But be sure you don't make the site go live unless you're sure the outside world does not have access to your configuration (namely database passwords).
How would that happen? The passwords are stored in a php file, so Idon't believe accessible from outside the machine. And local file access isn't affected by .htaccess.
It only has to happen once if a configuration slips and your apache doesn't interpret a php file and the whole world sees you with your underpants around your ankles. It's not worth the risk, security by obscurity is no security at all.
--
Colin Alston karnaugh@karnaugh.za.net
http://www.karnaugh.za.net/
'CYNIC, n. A blackguard whose faulty vision sees things as they are,
not as they ought to be. Hence the custom among the Scythians of
plucking out a cynic's eyes to improve his vision. ' D