FS#404 : Protecting the content of the configuration.php file

This is the bug tracking and feature request tracking system for the Mambo open source CMS project. To add a new task, or comment or vote on an existing task, please register, preferably by using the same username that you use on the forums .

Please do not open tasks for bugs in versions earlier than Mambo 4.6.5.

FS#404 - Protecting the content of the configuration.php file

Attached to Project: Mambo BTS
Opened by Tom (mamtom) - Wednesday, 09 July 2008, 14:51 GMT-4
Last edited by Andres Felipe Vargas valencia (andphe) - Sunday, 09 August 2009, 18:48 GMT-4

Task Type	Enhancement
Category	Backend
Status	Unconfirmed
Assigned To	No-one
Operating System	All
Severity	Medium
Priority	Normal
Reported Version	4.6.5
Due in Version	4.7
Due Date	Undecided
Percent Complete
Votes	1 trang (hwang) (2008-07-12)
Private	No

Details

For security reasons, I’d like to get the contents of the configuration.php file out of sight, preferably outside the public_html folder. Previously, I was able to use an include in a configuration.php file and call the full configuration from a renamed configuration file outside the browsable area of my site.

Current Mambo security doesn’t allow the use of a configuration file outside the absolute path.

More explanation here: http://forum.mambo-foundation.org/showthread.php?p=64318#post64318.

TIA.

This task depends upon

Comments (1)
Related Tasks (0/0)

Comment by Tom (mamtom) - Wednesday, 09 July 2008, 14:53 GMT-4

Apologies, didn't select the correct version. It should be 4.6.x

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Mambo CMS Tracker

Mambo BTS

FS#404 - Protecting the content of the configuration.php file

Details

Loading...