FW: [Phpmyadmin-devel] Re: MAJOR security hole
mike.beck at ibmiller.de
Mon Aug 12 02:04:02 CEST 2002
> Could we detect a .htaccess protection?
> If so, let's display a big red warning if someone uses the
> config auth mode
> without a .htaccess protection...
we could detect if HTTP_AUTH_USER is set
also: is a robots.txt file only searched for in the main
directory of a domain or can it also be in subdirectories? if
it can be then we could also put a robots.txt file in the
dist that disallows robots to go there.
mike.beck at users.sourceforge.net
More information about the Developers