password security
Posted: Mon Jan 22, 2018 1:51 pm
Script URL: Don't understand
Version of script: 2.1.2
Hosting company: godaddy
URL of phpinfo.php: Don't understand
URL of session_test.php: Don't understand
What terms did you try when SEARCHING for a solution: "password"
--------------------------------------------
Greetings everybody
This is my first time on the forum, having just installed 'click counter'.
I found the instructions very clear - I was able to get everything set up (and working) very easily.
I apologise for not knowing the answers to the URL questions - I'm new to php.
I'm trying to become security concious.
It's not easy, because everything techie seems to default to unsecure
I noticed that my cPanel has an option 'no indexing', to prevent my directory contents from being displayed if an index.html or php is not present.
I read somewhere that this might impact on doc delivery speed.
Does anybody have any knowledge of this?
Otherwise, it seems sensible to switch it to 'no indexing'.
Anyway, I then examined the contents of ccount and found the password is in ccount_settings.php which is in my public_html directory.
I tried to access it directly but the page showed "invalid attempt!".
Even still; I was wondering whether this can be downloaded by other means, by people who know their way around servers.
What is the thinking on this?
If it is not very secure; perhaps a warning should be provided (during installation) to use a unique password - I've seen such warnings from time to time.
Is it a difficult task to scramble the password?
Regarding display.php & display(after-install).php
Should both these files be deleted?
Anyway, so far, so good.
I'm now going to rewrite all the links in my docs
Edit
That done, I've noticed that my browser firefox, on my site, always creates unique clicks.
I did a search here, and learned that it must be a cookie problem.
Tested chrome and it's the same.
I tried disabling ublock, but it made no difference.
Perhaps it is the case that some visitors will always show up as unique.
Version of script: 2.1.2
Hosting company: godaddy
URL of phpinfo.php: Don't understand
URL of session_test.php: Don't understand
What terms did you try when SEARCHING for a solution: "password"
--------------------------------------------
Greetings everybody
This is my first time on the forum, having just installed 'click counter'.
I found the instructions very clear - I was able to get everything set up (and working) very easily.
I apologise for not knowing the answers to the URL questions - I'm new to php.
I'm trying to become security concious.
It's not easy, because everything techie seems to default to unsecure
I noticed that my cPanel has an option 'no indexing', to prevent my directory contents from being displayed if an index.html or php is not present.
I read somewhere that this might impact on doc delivery speed.
Does anybody have any knowledge of this?
Otherwise, it seems sensible to switch it to 'no indexing'.
Anyway, I then examined the contents of ccount and found the password is in ccount_settings.php which is in my public_html directory.
I tried to access it directly but the page showed "invalid attempt!".
Even still; I was wondering whether this can be downloaded by other means, by people who know their way around servers.
What is the thinking on this?
If it is not very secure; perhaps a warning should be provided (during installation) to use a unique password - I've seen such warnings from time to time.
Is it a difficult task to scramble the password?
Regarding display.php & display(after-install).php
Should both these files be deleted?
Anyway, so far, so good.
I'm now going to rewrite all the links in my docs
Edit
That done, I've noticed that my browser firefox, on my site, always creates unique clicks.
I did a search here, and learned that it must be a cookie problem.
Tested chrome and it's the same.
I tried disabling ublock, but it made no difference.
Perhaps it is the case that some visitors will always show up as unique.