[Phpmyadmin-devel] Securing the test directory
Marc Delisle
marc at infomarc.info
Mon Jul 4 13:49:02 CEST 2011
Le 2011-07-04 07:37, Herman van Rink a écrit :
> Zarubin / all,
>
> I would like to add a .htaccess file to the test directory of phpmyadmin
> similar to the libraries/.htaccess file.
This would be better than no protection at all; but not all web servers
support the .htaccess mechanism.
>
> This should not affect regular users as the directory is not included in
> the download kits.
>
> It would protect someone who uses a Git checkout from accidentally
> exposing path information though.
>
> Would it be enough to include a README.txt file in the test directory
> which explains how to allow certain IP's ?
I suggest just a reference to
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
>
> What are your thoughts?
>
--
Marc Delisle
http://infomarc.info
More information about the Developers
mailing list