Actually, the best thing, really the only thing to
do is to make sure that your password file is not accessible
from the Web at all! Don't put it in a directory
that is served by Apache. Period.
There have been many historical cases of people downloading
your standard-issue '.htpasswd' file and running crack on
it, finding dozens of simple passwords such as 'bob/bob',
'joe/123' and many others that would surprise you. These
'hax0rz' can do many unpleasant things to your Web site,
and if you're not careful, there might be some system
accounts with the same password and login as on the
site...well, you know what happens next.
So, if your script is running in "/site/www", put your
data somewhere else, like "/site/data" which is not
served by Apache.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|