Tell me your password

Posted on May 18, 2009 by Marcus.

Move credentials outside of the webroot

I've created a new tutorial that shows how to move credentials outside of the webroot. By default TYPO3 stores any kind of configuration into file typo3conf/localconf.php. Besides graphics configuration, etc... also database username/password and the encryption key is stored in there.

Although there's no way to get hold of this data as website user, I personal don't like the approach to store data that is intented to kept private inside the webroot.

The tutorial does explain the reasons in more detail. Have a look!

Permalink | Trackback link
Tags: snippet, typo3
Views: 0
  •  
  • 0 Comment(s)
  •  

Your comment

back

Categories

  • advisory(9)
  • book(1)
  • [-]database(1)
  • exploit(1)
  • hacks(2)
  • others(6)
  • PHP(1)
  • TYPO3(23)

Tag cloud