Simple Invoices logo
HOME | DOWNLOAD | BLOG | FORUM | DEMO
Not signed in (Sign In)

Support: CRITICAL!!! Securing config.ini

Bottom of Page

1 to 3 of 3

  1.  
    • CommentAuthorabsuk
    • CommentTimeJan 14th 2010 edited
     permalink
    hello,

    dose any one know how to disable direct access to http://invoice.domain.co.uk/config/config.ini,

    at the moment if you type that in the web address anyone can view the config file, which is a big security problem.

    cheers

    abs
    • CommentAuthorjustin
    • CommentTimeJan 15th 2010
     permalink
    hey abs

    in the release there is a .htaccess file in the root dir which prevents .ini access - you may have to enable allow override in your apapche config

    ie. http://simpleinvoices.org/demo/config.ini


    let us know how you go

    cheers

    justinSmarterInvoices.com Simple Invoices hosting | SixHQ.com Simple Invoices custom development | Me
    • CommentAuthorabsuk
    • CommentTimeJan 15th 2010 edited
     permalink
    Cheers Justin,

    That did the trick, I use a Mac, as such the .htaccess file is hidden, so did not even see it, even when i SSH onto my server it wont show it, all fixed now. thanks again.



    abs

1 to 3 of 3

  1.