Le 2011-07-04 07:37, Herman van Rink a écrit :
Zarubin / all,
I would like to add a .htaccess file to the test directory of phpmyadmin
similar to the libraries/.htaccess file.
This would be better than no protection at all; but not all web servers
support the .htaccess mechanism.
This should not affect regular users as the directory is not included in
the download kits.
It would protect someone who uses a Git checkout from accidentally
exposing path information though.
Would it be enough to include a README.txt file in the test directory
which explains how to allow certain IP's ?
I suggest just a reference to
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
What are your thoughts?
--
Marc Delisle
http://infomarc.info