MySQL settings

by sestir, Saturday, May 21, 2016, 16:18 (3065 days ago)

Question 1
Is it a good idea to place the selfoss-2/ catalog in the public directory like this: /var/www/selfoss-2/ ?
If so, should any measures be taken to prevent sensitive information in case, for example, the server would be misconfigured for a while so that visitors can read config.ini?

Question 2
Here jitojnar says:

Sometimes we forget to add the prefix when we change the code and as not many people use the db_prefix option it often goes unnoticed.

If I am not mistaken, this is true for version 2.15. Would it be possible to provide a list of places in the code where a user can fix this or should we give up security and omit the table prefix option?

Question 3
What privileges should selfoss's mysql-user have?

---
I tried to install this on Debian wheezy with apache2 php5-fpm/fastcgi and mysql 5.6 iirc. So far, I have had these issues: 723, the generate password-hash doesn't work with safari (at least not with my settings) but worked with firefox (mac) and "An error occurred".

At the moment I am at this point:
05-21-16 13:51:01 Debug logged in with supplied username and password
05-21-16 13:51:01 Debug logged in with supplied username and password
05-21-16 13:51:01 Debug set cookie on mydomain.tld/selfoss-2/ expiring in 2592000 seconds
05-21-16 13:51:01 Debug logged in using valid session
05-21-16 13:51:01 Debug Establish database connection
05-21-16 13:51:01 Error PDOStatement: Table 'selfoss.version' doesn't exist

Of course it exists. :p
Hope to get some answers so I can try again knowing a little more about what I am doing.


Complete thread:

 RSS Feed of thread

powered by my little forum