diff options
| author | Oleg Pudeyev <oleg@bsdpower.com> | 2011-05-08 03:21:19 -0400 |
|---|---|---|
| committer | Oleg Pudeyev <oleg@bsdpower.com> | 2011-05-08 03:21:19 -0400 |
| commit | ab44fe5e394fe7b69c57266e2934200a3ee9bbc5 (patch) | |
| tree | e6021c19fa15800787b1a7459fb8ad40cf2d8391 /phpBB/docs/INSTALL.html | |
| parent | 9c6660a2253149baff0094b943823de6758b35a6 (diff) | |
| parent | c0336988155736583c6fc4398980bd2a4e4036b6 (diff) | |
| download | forums-ab44fe5e394fe7b69c57266e2934200a3ee9bbc5.tar forums-ab44fe5e394fe7b69c57266e2934200a3ee9bbc5.tar.gz forums-ab44fe5e394fe7b69c57266e2934200a3ee9bbc5.tar.bz2 forums-ab44fe5e394fe7b69c57266e2934200a3ee9bbc5.tar.xz forums-ab44fe5e394fe7b69c57266e2934200a3ee9bbc5.zip | |
Merge branch 'develop' into feature/prune-users
* develop: (170 commits)
[ticket/10145] Always recompile all templates when DEBUG_EXTRA is defined.
[feature/attachment-management-no-reassignment] Handle privacy and some more.
[ticket/10148] Turn TEMPLATE_BITFIELD into an instance variable.
[ticket/10147] Corrected a typo in includes/functions_template.php.
[ticket/10141] Save a hash lookup when value is not in cache.
[ticket/10143] Added tests for storing a previously deleted value in db cache.
[ticket/10105] Update AIM express link.
[ticket/10105] Update AIM application download link.
[ticket/10137] Remove unintended space at end of PHP_URL_FOPEN_SUPPORT_EXPLAIN.
[ticket/10141] Split double-assignment into conditional and unconditional part.
[ticket/10141] Use a cache in $auth->_fill_acl() for better performance.
[ticket/9961] Create log entries when users are activated.
[ticket/10139] Make signatures of set_atomic() consistent by using $new_value.
[ticket/10139] Rename $cache to $use_cache to avoid confusion with cache object
[ticket/10006] Remove unneeded if statements
[ticket/10006] Remove return values
[ticket/10006] More testing
[ticket/10006] Tweak the tests a bit
[ticket/10006] Add phpbb_config::delete
[ticket/7941] Added @return to generate_board_url docstring.
...
Diffstat (limited to 'phpBB/docs/INSTALL.html')
| -rw-r--r-- | phpBB/docs/INSTALL.html | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index 4af185beb3..9f635fe50b 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -79,6 +79,7 @@ <li><a href="#postinstall">Important (security related) post-Install tasks for all installation methods</a> <ol style="list-style-type: lower-roman;"> <li><a href="#avatars">Uploadable avatars</a></li> + <li><a href="#webserver_configuration">Webserver configuration</a></li> </ol> </li> <li><a href="#disclaimer">Disclaimer</a></li> @@ -408,6 +409,12 @@ <p>Please be aware that setting a directories permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.</p> +<a name="webserver_configuration"></a><h3>6.ii. Webserver configuration</h3> + + <p>Depending on your web server you may have to configure your server to deny web access to the <code>cache/</code>, <code>files/</code>, <code>store/</code> and other directories. This is to prevent users from accessing sensitive files.</p> + + <p>For <strong>apache</strong> there are <code>.htaccess</code> files already in place to do this for you. For other webservers you will have to adjust the configuration yourself. Sample files for <strong>nginx</strong> and <strong>lighttpd</strong> to help you get started may be found in docs directory.</p> + </div> <div class="back2top"><a href="#wrap" class="top">Back to Top</a></div> |