How to hide the Login Tools user database?

Frequently Asked Questions about WYSIWYG Web Builder
Locked
User avatar
Pablo
 
Posts: 12202
Joined: Tue Mar 28, 2006 12:00 pm
Location: Europe
Contact:

How to hide the Login Tools user database?

Post by Pablo » Fri Apr 17, 2009 6:42 am

By default the user database of the login tools can be accessed by anyone that knows the file name. And although the passwords are encoded, the email addresses are not hidden.

So the first thing you should do is to make sure you give the user database a unique name that can not easily be guessed.
For example: A6gr8JDaTa.csv

To make the user database completely in accessible you can create a .htaccess file in the folder on the server with the following content:

Code: Select all

<Files "usersdb.php"> 
Order deny,allow 
Allow from ***.***.***.*** 
Deny from all 
</Files>
where usersdb.php is the name of the database and
***.***.***.*** is your IP address.

See also:
http://www.javascriptkit.com/howto/htaccess.shtml

Locked

Who is online

Users browsing this forum: No registered users and 2 guests