[CentOS] Groups
m.roth at 5-cent.us
m.roth at 5-cent.us
Mon Jan 31 18:17:16 UTC 2011
Always Learning wrote:
> On Mon, 2011-01-31 at 18:05 +0100, Nicolas Thierry-Mieg wrote:
<snip>
> Also avoid having phpMyAdmin off the main web directory. Ordinary users
> don't need access and should never have access to it. Hide it away
> somewhere and create a virtual Apache host to use it with a non-standard
> port number. Make it hard for the hackers and spoilers to find it.
Um, no. The answer is yum remove phpMyAdmin on a production system. As I
read the logs for all our servers, and a number are world-visible
websites, I can't tell you the number of times I've seen probes looking
for that.
<snip>
mark
More information about the CentOS
mailing list