Errata in the README
A for , submitted by michael-e on 05 August 2009
Announcement
Symphony's issue tracker has been moved to Github.
Issues are displayed here for reference only and cannot be created or edited.
Browse
Closed#89: Errata in the README
Right. Thanks for pointing that out.
This is a note for next release: to add in instruction for moving /manifest/ out of publicly accessible folder to boost security.
Can’t you just automatically create a .htaccess in /manifest/ and put deny from all
in it?
I’d prefer phogue’s solution. Moving /manifest/ out of the site root folder would at least require renaming in order to allow several virtual hosts/Symphony installations to run side by side on one server.
Can’t you just automatically create a .htaccess in /manifest/ and put deny from all in it?
Yes, you can. That is a good idea and something that should be there in all installations.
Moving /manifest/ out of the site root folder would at least require renaming in order to allow several virtual hosts/Symphony installations to run side by side on one server.
It won’t be suitable for everyone, hence the idea of using deny from all
, but in some situations it might be handy to have the manifest in a private location.
Also it’s a good idea to put requirements (like website) in the README.
Server requirements added and security instruction update on README.
This issue is closed.
In the README, under “Security”, we find:
AFAIK, it is no more necessary to change permissions for the symphony directory.
Step 2 should be changed accordingly.