ahh! thanks for clearing that up! it took a while to get it through my thick paranoid skull.
2 2008-09-02 20:12
Re: config.php question (7 replies, posted in PunBB 1.2 discussion)
you can't see the contents through a browser but you can save the file on your local machine and open and read the contents of the file. voila, you have user name and password to mysql dbs.
3 2008-09-02 19:58
Re: config.php question (7 replies, posted in PunBB 1.2 discussion)
Thanks for your input. I'm just worried because someone could very easily request that file through http (not ftp) and open it up in any text editor and have your database password.
4 2008-09-02 16:04
Topic: config.php question (7 replies, posted in PunBB 1.2 discussion)
is anyone else worried about having your mysql username and password stored in a config.php file that sits on a webserver? Seems like a disaster waiting to happen. What's the recommendation on how to secure this?