Jon Daley wrote:
On Tue, 21 Mar 2006, Colin Alston wrote:
But be sure you don't make the site go live unless you're sure the
outside world does not have access to your configuration (namely
database passwords).
How would that happen? The passwords are stored in a php file, so I
don't believe accessible from outside the machine. And local file
access isn't affected by .htaccess.
It only has to happen once if a configuration slips and your apache
doesn't interpret a php file and the whole world sees you with your
underpants around your ankles. It's not worth the risk, security by
obscurity is no security at all.
--
Colin Alston <[EMAIL PROTECTED]>
http://www.karnaugh.za.net/
'CYNIC, n. A blackguard whose faulty vision sees things as they are,
not as they ought to be. Hence the custom among the Scythians of
plucking out a cynic's eyes to improve his vision. ' D
