[Phpmyadmin-devel] Securing the test directory
Stas Zarubin
zarubin.stas at gmail.com
Mon Jul 4 14:53:59 CEST 2011
On 4 July 2011 14:49, Marc Delisle <marc at infomarc.info> wrote:
> Le 2011-07-04 07:37, Herman van Rink a écrit :
>> Zarubin / all,
>>
>> I would like to add a .htaccess file to the test directory of phpmyadmin
>> similar to the libraries/.htaccess file.
>
> This would be better than no protection at all; but not all web servers
> support the .htaccess mechanism.
>>
>> This should not affect regular users as the directory is not included in
>> the download kits.
>>
>> It would protect someone who uses a Git checkout from accidentally
>> exposing path information though.
>>
>> Would it be enough to include a README.txt file in the test directory
>> which explains how to allow certain IP's ?
>
> I suggest just a reference to
> http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
>
>>
>> What are your thoughts?
>>
>
I think its right decision.
>
> --
> Marc Delisle
> http://infomarc.info
>
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security
> threats, fraudulent activity, and more. Splunk takes this data and makes
> sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-d2d-c2
> _______________________________________________
> Phpmyadmin-devel mailing list
> Phpmyadmin-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
>
More information about the Developers
mailing list