On 4 July 2011 14:49, Marc Delisle <marc(a)infomarc.info> wrote:
Le 2011-07-04 07:37, Herman van Rink a écrit :
Zarubin / all,
I would like to add a .htaccess file to the test directory of phpmyadmin
similar to the libraries/.htaccess file.
This would be better than no protection at all; but not all web servers
support the .htaccess mechanism.
This should not affect regular users as the directory is not included in
the download kits.
It would protect someone who uses a Git checkout from accidentally
exposing path information though.
Would it be enough to include a README.txt file in the test directory
which explains how to allow certain IP's ?
I suggest just a reference to
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
What are your thoughts?
I think its right decision.
--
Marc Delisle
http://infomarc.info
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Phpmyadmin-devel mailing list
Phpmyadmin-devel(a)lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel