How to hide the Login Tools user database?
Posted: Fri Apr 17, 2009 6:42 am
By default the user database of the login tools can be accessed by anyone that knows the file name. And although the passwords are encoded, the email addresses are not hidden.
So the first thing you should do is to make sure you give the user database a unique name that can not easily be guessed.
For example: A6gr8JDaTa.csv
To make the user database completely in accessible you can create a .htaccess file in the folder on the server with the following content:
where usersdb.php is the name of the database and
***.***.***.*** is your IP address.
See also:
http://www.javascriptkit.com/howto/htaccess.shtml
So the first thing you should do is to make sure you give the user database a unique name that can not easily be guessed.
For example: A6gr8JDaTa.csv
To make the user database completely in accessible you can create a .htaccess file in the folder on the server with the following content:
Code: Select all
<Files "usersdb.php">
Order deny,allow
Allow from ***.***.***.***
Deny from all
</Files>***.***.***.*** is your IP address.
See also:
http://www.javascriptkit.com/howto/htaccess.shtml