• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Security: Moving application and system folder out of public_html

#1
Hi,
Does it increase the security if I move the application and system folder out of public access to server root?
Also, is there anyway we can use password other than the plain text in database config and email config?
At present, if someone hack the system and manages to get the above file they will easily get access to the database.
Reply

#2
https://www.codeigniter.com/user_guide/g..._apps.html
https://www.codeigniter.com/user_guide/g...ments.html

See https://github.com/bcit-ci/codeigniter-website for an example
Reply

#3
(05-10-2017, 04:20 AM)moinchoudhari Wrote: Hi,
Does it increase the security if I move the application and system folder out of public access to server root?

It increases security in the case that you have an accidental mis-configuration of the server that might allow access to things that shouldn't. So, it's more of a safeguard against human error.

[/quote]
Also, is there anyway we can use password other than the plain text in database config and email config?
At present, if someone hack the system and manages to get the above file they will easily get access to the database.
[/quote]

Nope. If we encrypt the values in such a way that it can be reversed (which it would have to if the system is able to connect to the database) then an attacker could easily un-encrypt it. A little exploration and they'd easily find the method if they are on your server.
Practical CodeIgniter 3  • CodeIgniter 4 Foundations - Coming Soon • Vulcan - CLI Tools for CI4
Reply

#4
@ciadmin I have already gone through that. Just was keen to know whether it safeguard the files or not. However, the reply from @kilishan has cleared this to some extent. Thanks both of you for your time and replies to my questions.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.