Webmastersite.net
Register Log In

Post Install check-list - Security

Title Post Install check-list - Security
Message Text Since I have not found any specifics about this I wanted to ask about/compile a short list of things to-do or not.. Firstly in this message it would be good to clarify if setup.php, upgrade.php, etc. can go or should be left were they are. When I read "No, do go ahead and forget." in the context it sounds almost as if the setup.php should NOT be removed.. Many script authors apparently don't protect existing installations from being wiped when such installation files are re-run, and thusly reccomend removing such installation related files. So, like many I presume, I have been either deleting, renaming or setting their permissions to 000. I never considered, until now, that maybe I have created a problem in the process. Secondly, as mentioned in the referenced thread, there is some security by obscurity -- un-branding and so forth. Given that robots have a knack of digging up all sorts of things normal browsers are unlikely to find, I typically remove text files and informational html pages that are for the customer only. The ramifications seem to be quite simple and obvious for the most part with the 'text' stuff. So I just replace the readme.txt with my own notes to keep the main CP page links alive. Other tell-tale signs like "WSN Codes" references among the pages are a little more involved perhaps and I've not bothered with them so far.
Rating
  • 0/5
  • 1
  • 2
  • 3
  • 4
  • 5
0/5 based on 0 votes.
Ownership zippo
Views 476 views. Averaging 0 views per day.
Similar Topics
Submission Date Feb 02, 2006 - 10:42 AM