1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.2 One final post-install question...

Discussion in 'Installation, Upgrade, and Import Support' started by Lord-Cupre, Sep 8, 2013.

  1. Lord-Cupre

    Lord-Cupre Member

    Ok, got Xenforo installed "with a little help from my friends" (thanks Adam!).

    Anyway, are there any final nuggets of advice after installing, such as "Oh, by the way, you should have deleted the xyz file after installing, or hackers can delete your forums."

    Or "oh, by the way, in user settings, be sure to set the abc parameter to 'no' or else hackers can insert html and do damage."

    That's about it.

    Thanks all,
  2. Brogan

    Brogan XenForo Moderator Staff Member


    You just need to set the options and permissions as you see fit.
  3. Lord-Cupre

    Lord-Cupre Member

    Thanks, Brogan!

    Fare thee well,
  4. Tracy Perry

    Tracy Perry Well-Known Member

    Only "nugget" I'd suggest would be password protect your /install directory and the admin.php. Use a different username and password other than your main forum administrator account info.
  5. Tracy Perry

    Tracy Perry Well-Known Member

    Chronicles of Amber fan?
  6. Lord-Cupre

    Lord-Cupre Member

    Thanks, Tracy!
    As for Chronicles of Amber, I have not read them - but now I will!

    Liam W likes this.
  7. Liam W

    Liam W Well-Known Member

    Yeah, make sure you htaccess the admin.php file. I always check that file first - if it doesn't have htaccess protection, I wonder if they care for their site...

    Just be sure to use different details as to the admin account's logins, otherwise it sort of defeats the purpose...
  8. Lord-Cupre

    Lord-Cupre Member

    Thanks for the tip!
    Since I am a bit of a noob, can you advise me via PM on how to do htaccess protection on the admin.php file?
    Ie how do I do that?

    Does it involve the CPanel or something?

  9. Liam W

    Liam W Well-Known Member

    If you have cPanel installed, just look for 'Password protect directories'. Find an unused directory, and set it up with a username or password.

    (I don't believe you can do files from that menu)

    In the .htaccess file in the directory, cut everything, but instead of the 'Require valid-user' line, place this:

    <Files 'admin.php>
    require valid-user

    into the root .htaccess

  10. Lord-Cupre

    Lord-Cupre Member

  11. Lord-Cupre

    Lord-Cupre Member

  12. Lord-Cupre

    Lord-Cupre Member

    Oops - I see what you mean about a Difft directory.
    I put the .htaccess file in /community and it password protected the whole site!

Share This Page