Security
|
This page describes steps to enhance your security. |
- completely remove the /install folder
- use an admin username with 6 characters or more
- use an admin password with 6 characters or more
- change your password periodically
- when using a protected page, make sure you see 'Secured by ...' in the top of the page
- when using admin click the logout link to end and destroy your session, then close your browser
phpYellow Version 6.x Security Update July 23rd, 2008
This security update applies to phpYellow version 6.x only:- review your website files and remove any that do not belong to phpYellow.
- verify that your folder permissions are CHMOD 755 except for /userlogo and /userdata which are CHMOD 777 and the file util.php which is CHMOD 666.
- delete the folder /modules/easysql/csv/ and all files in the /csv folder
- add this code as the first 3 lines to register_result.php :
<?php require_once("util.php");?>
<?php // initialize or capture system identifiers
$form_to_include = "";