• Hi! After having problems installing the stable version of WordPress I finally managed to install the latest nightly version (10-May-2004) on a Windows 2003 server.
    I was just wondering – should I now delete my ‘wp-config.php’ file? Isn’t it dangerous to leave it on the website? Couldn’t someone download it and read the username and password details inside? I have installed WordPress in a folder in the root area of my server space.
    Sorry if this sounds like a silly question… thanks for this great weblog!
    Gnam

Viewing 15 replies - 1 through 15 (of 18 total)
  • Nobody can read your PHP file, don’t worry 🙂

    Thread Starter gnam (@gnam)

    Thanks – it’s just that I’m new to all this and all my php/wordpress files are in an open folder on the server.
    I thought that if I could install via browser then that meant that anyone could install and have access to my server space and content.
    :S
    Gnam

    once the WP is installed, it’s installed.
    run the installer script again and it will give u an error message.

    Thread Starter gnam (@gnam)

    Okay, thanks – I’ll now try and relax 🙂
    Gnam

    thou shalt never relax.
    whatever the security features there might be, still do take weekly backups.

    Thread Starter gnam (@gnam)

    That’s a good point you bring up there!
    I chose this blog among all the others because of the great reviews and comments that I have read. It’s a very good blog indeed!
    However, I’m already looking at Radio UserLand because I like the idea of having a desktop backup of all my posts.
    How am I supposed to back up WordPress? By using the phpadmin features on my server? Am I supposed to download the Sql database?
    <hunting forums right now…>
    Gnam

    Well, years ago I seem to recall that if the PHP module/interpreter is down, the web server may end up spitting out the php file as pure text. But then that’s years ago… As for a forum, why not give PunBB a try?

    Thread Starter gnam (@gnam)

    Hi alrescha,
    thanks for the reply.
    When I said ‘hunting for forums’ it was to say that I was scouring the WordPress forums for info on how to back up my database files 😉
    I’m still not too sure a Blog is what I need – I’m now taking a look at http://www.editme.com…
    Bye,
    Gnam

    Thread Starter gnam (@gnam)

    Thanks Sushubh!
    😉 Gnam

    once the WP is installed, it’s installed.
    run the installer script again and it will give u an error message.
    Where did THAT come from? He was asking about the wp-config.php file NOT the install.php file. Big diff there bucko. One CANNOT delete the wp-config.php file as it contains the DB connection info. It would be nice if there was a better way to do it, but I haven’t got a clue as to how. And WP isn’t the only PHP “app” that I’ve used that’s done it this way.
    TG

    Thread Starter gnam (@gnam)

    So – can the database sql password be stolen/read from the wp-config.php file?
    WARNING: Newbie inside 🙂
    Gnam

    No gnam, it cannot. wp-config.php renders as a blank page in all browsers. In fact, you should not delete it, as it is a file that a lot of the pages in wordpress require.
    Think of it this way, there has to be at least one file with the database details in your files that has the info that WP would require to connect to the database to perform the operations, right? Now, that file is wp-config.php, and it should be readable by the other pages in the wp installation.
    WordPress is more secure since it asks you to edit the wp-config.php, since only you, with ftp/ssh access to your website can do the editing.

    @tg:
    My comment came in this context:
    I thought that if I could install via browser then that meant that anyone could install and have access to my server space and content.

    Thread Starter gnam (@gnam)

    Okay – thanks to everyone. I think I get the picture now.
    😉
    Gnam

    Gnam,
    Depending on your webhost’s configuration, other users on the same server as your shared hosting account could read the file via shell access. It’s always better to put your admin files in a non-standard directory. Ask your webhost about this.
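
Two of the replies above describe conditions a site owner can check: the web server returning the PHP source as plain text instead of a blank page, and other accounts on a shared host being able to read the file. The following sketch of both checks is an added example, not part of any post in this thread; it assumes a POSIX-style permission model, and the function names and the sample file contents are constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Constructed sample of what a wp-config.php contains (values are placeholders).
SAMPLE_SOURCE = b"""<?php
define('DB_NAME', 'example_db');
define('DB_USER', 'example_user');
define('DB_PASSWORD', 'example_password');
define('DB_HOST', 'localhost');
?>"""

# Patterns that appear only when the raw source is returned instead of being
# executed; a correctly handled wp-config.php produces an empty response body.
SOURCE_MARKERS = (
    re.compile(rb"<\?php"),
    re.compile(rb"define\s*\(\s*['\"]DB_(?:NAME|USER|PASSWORD|HOST)['\"]"),
)


def body_leaks_source(body: bytes) -> bool:
    """True if a response body fetched for wp-config.php contains PHP source."""
    return any(p.search(body) for p in SOURCE_MARKERS)


def permission_findings(path: str) -> list:
    """List the mode bits that let other local accounts read or alter the file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    checks = (
        (stat.S_IROTH, "world-readable"),
        (stat.S_IWOTH, "world-writable"),
        (stat.S_IWGRP, "group-writable"),
    )
    return [label for bit, label in checks if mode & bit]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        cfg = os.path.join(tmp, "wp-config.php")
        with open(cfg, "wb") as fh:
            fh.write(SAMPLE_SOURCE)
        for perms in (0o644, 0o600):
            os.chmod(cfg, perms)
            print(oct(perms), permission_findings(cfg) or "owner-only")
    print("blank body leaks:", body_leaks_source(b""))
    print("raw source leaks:", body_leaks_source(SAMPLE_SOURCE))
```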

  • The topic ‘Security – Should I delete my ‘wp-config.php’’ is closed to new replies.