Posted on: 03/11/09 02:51pm
By: Anonymous (justme)
Ive got geeklog installed and i thought i did everything that i needed to do to make it secure but i just did the security check and i got
1. Good! You seem to have removed the install directory already.
2. Your db-config.php is reachable from the web.
This is a security risk and should be fixed!
3. Your logs directory is reachable from the web.
This is a security risk and should be fixed!
4. Your plugins directory is reachable from the web.
This is a security risk and should be fixed!
5. Your system directory is reachable from the web.
This is a security risk and should be fixed!
6. Your backups directory is reachable from the web.
This is a security risk and should be fixed!
7. Your data directory is reachable from the web.
This is a security risk and should be fixed!
8. Good! You seem to have changed the default account password already.
How do i make it so these files and directories are unreachable?
Re: Security question
Posted on: 03/11/09 05:03pm
By: beewee
If you installed Geeklog in the preferred/default configuration, alle these file are outside the public directories, but it seems you've installed the complete CMS in a public directory.
You could protect them with a .htaccess file, but it's better to install Geeklog outside the public area. If you specify the path/directory you've installed Geeklog in, we can be more specific.
Re: Security question
Posted on: 05/25/09 07:03pm
By: haakuturi
I'm going to ninja this thread rather than start a new one, given that my problem is exactly the same!
I've got Geeklog installed in the root drive. was installed via Fantastico. Can I safely ignore this error, or is that bad? :pray:
**Edit**
Actually, I'm a noob. My error is totally different!
Results of the Security Check
1. Good! You seem to have removed the install directory already.
2. php_network_getaddresses: getaddrinfo failed: Name or service not known
3. php_network_getaddresses: getaddrinfo failed: Name or service not known
4. php_network_getaddresses: getaddrinfo failed: Name or service not known
5. php_network_getaddresses: getaddrinfo failed: Name or service not known
6. php_network_getaddresses: getaddrinfo failed: Name or service not known
7. php_network_getaddresses: getaddrinfo failed: Name or service not known
8. Good! You seem to have changed the default account password already.
Re: Security question
Posted on: 07/12/10 06:57pm
By: perfectten
Quote by: justmeIve got geeklog installed and i thought i did everything that i needed to do to make it secure but i just did the security check and i got
1. Good! You seem to have removed the install directory already.
2. Your db-config.php is reachable from the web.
This is a security risk and should be fixed!
3. Your logs directory is reachable from the web.
This is a security risk and should be fixed!
4. Your plugins directory is reachable from the web.
This is a security risk and should be fixed!
5. Your system directory is reachable from the web.
This is a security risk and should be fixed!
6. Your backups directory is reachable from the web.
This is a security risk and should be fixed!
7. Your data directory is reachable from the web.
This is a security risk and should be fixed!
8. Good! You seem to have changed the default account password already.
How do i make it so these files and directories are unreachable?
I GOT THIS SAME MESSAGE WHEN DOING A SECURITY CHECK; DO I IGNORE THIS OR FIX IT?
Re: Security question
Posted on: 07/13/10 01:57am
By: Dirk
Honest question: Does this sound like something you should ignore?
This is a security risk and should be fixed!
bye, Dirk