Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted February 11, 200817 yr Here`s an idea :D Add a line (probably init.php would be a good place) :unsure: , to disable access to the SQL Toolbox area completely. As if anyone gains root access, you can at least limit (a bit) what they can do. Something like...define ( 'SQL_TOOLBOX', 0 ); To turn it off (ideally by default it should be off, just imo) Just a thought anyway ;)
February 11, 200817 yr to disable access to the SQL Toolbox area completely. Not bad idea but I use it often. Rather protect it by password.
February 11, 200817 yr I just delete the file from action_admin when I don't want it accessible. Simple but effective, I overlooked the easy way :blush: :D
February 13, 200817 yr I just did what Brandon said. If I need to run queries I always do it from phpMyAdmin. Ever since I discovered FireFox a year ago (yeah I was stubborn) I believe firmly in many multiple tabs :D.
February 24, 200816 yr Personally I think that root admin should have access to everything in AdminCP, all the time. If you own a board and are root admin, and are nervous about some of the features, you can always create yourself a second admin account, and use the AdminCP security features to switch off the parts of AdminCP that you don't want to use unless you really HAVE to, in which case you login as root instead. Just my tuppence worth.....
February 25, 200816 yr just thinking how many people have actually had their forums hacked by the sql console? happened alot in the 1.3 versions but haven't seen or heard of it happening in a long time
Archived
This topic is now archived and is closed to further replies.