Possible to put config files outsdie public folder? Possible to put config files outsdie public folder?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Possible to put config files outsdie public folder?

Started by auroramae, July 10, 2008, 05:25:45 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

auroramae

Hello,

I tried to search for this topic to no avail.  Very sorry to bother you all if it has  been addressed previously.

Is it possible to move the config file outside of the public folder and redirect?
Example:

If so, what document needs to be revised.  I looked at config and admin and it seems config redirects to admin in version 1.4.18.

I am currently trying to move all of my scripts' config files from the public folder due to the fact that my host says scam emails are coming from my account.

Nibbler

Do you mean the file that contains the db connection info (include/config.inc.php) or the admin configuration page (admin.php) ?

Either way, I don't see how that would help you. You need to track down what is sending the emails.

auroramae

The host has a generic "secure your php" file in the knowledge base. It says to move all scripts' config files out of public folders.

I'm currently running the latest versions of Coppermine, Joomla! (all extensions up to date) and SMF  Permissions are all set correctly. I've successfully redirected Joomla! files as per a post at Joomla! forums and posted questions to the SMF forums since the redirect for SMF hasn't  worked without some bumps. Thought I'd look before leaping with Coppermine since changed to SMF weren't successful.

Changed all passwords ... emails, database, admin log ins.
Locked down Coppermine - can't  register, log in, upload, send ecard, comment.
Checked all folders for suspicious and modified files.
Can't figure out where this is coming from. They've shut me down twice, third strike and I am done.

aurora

Joachim Müller

It might help if you posted a link to your gallery for a start. It doesn't make sense to move PHP-files around in your case - if you're worried about your site being abused by spammers to send unsolicited emails, there are other ways to accomplish what you're up to. Best method is to keep all of your apps up-to-date.