XOOPS Installation Guide
  • Introduction
  • Chapter 1: Preamble
  • Chapter 2: Introduction
  • Chapter 3: Server Configuration Check
  • Chapter 4: Take the Right Path!
  • Chapter 5: Database Connections
  • Chapter 6: Final System Configuration
  • Chapter 7: Administration Settings
  • Chapter 8: Ready to go!
  • Chapter 9: Upgrade Existing XOOPS Installation
  • Upgrading from XOOPS 2.4.5 (easy way)
  • Upgrading from XOOPS 2.0. above 2.0.14 and 2.2.
  • Upgrading from any XOOPS (2.0.7 to 2.0.13.2)
  • Upgrading a non UTF-8 site
  • Upgrading XoopsEditor package
  • Appendix 1: Working with the new Admin GUI (our Dashboard)
  • Appendix 2: Uploading XOOPS via FTP
  • Appendix 3: Translating XOOPS to Local Language
  • Appendix 4: Useful Tools
  • Appendix 5: Increase security of your XOOPS installation
  • About XOOPS CMS
Powered by GitBook
On this page

Appendix 5: Increase security of your XOOPS installation

PreviousAppendix 4: Useful ToolsNextAbout XOOPS CMS

Last updated 7 years ago

After you’ve installed XOOPS, you can increase its security by following few simple steps.

1) First, go to the Protector.

When there, you might see some warnings. 'register_globals' and' allow_url_fopen 'you have already asked hostgator to change, so it will change when they have had hold of your ticket.

2) Changes in mainfile.php

has been moved to /xoops_data/data/secure.php file, which when placed outside of the Document Root, makes it harder to hackers to access it - see the figure below:

However, when you update to XOOPS 2.5.0 from an older XOOPS installation, the DB information will stay in the mainfile. But you can do it also manually, i.e. move the DB Info part to the secure.php, but make sure that you also add in the mainfile.php the link to the /xoops_data/data/secure.php file like this:

Once you save and close both files, remember to change the rights of both of them to 404.

Remember also to delete the folder "install" from your XOOPS Installation.

XOOPS 2.5.0 brings another security enhancement. The part of the mainfile that contains info related to database, its user name and password: