FW: [Phpmyadmin-devel] Re: MAJOR security hole

[Beck, Mike]

> Could we detect a .htaccess protection?
> If so, let's display a big red warning if someone uses the 
> config auth mode
> without a .htaccess protection...
> 
> Alexander
> 
 
we could detect if HTTP_AUTH_USER is set
also: is a robots.txt file only searched for in the main 
directory of a domain or can it also be in subdirectories? if 
it can be then we could also put a robots.txt file in the 
dist that disallows robots to go there.

-- 
Mike Beck
mike.beck at users.sourceforge.net