Security issues
A longer extract of the configure.php
script looks like this:
<?php
$MY_ENV['BASE_CMS_URL'] = "http://localhost/docmint";
$MY_ENV['BASE_CMS_LOC'] = "/path/to/docmint";
$MY_ENV['BASE_UPLOAD_LOC'] = "/path/to/docmint/upload";
$MY_ENV['BASE_UPLOAD_URL'] =
"http://localhost/docmint/upload";
$MY_ENV['BASE_ENGINE_LOC'] = "/path/to/docmint/engine";
$MY_ENV['PEAR_local'] = "/path/to/docmint/PEAR_local";
$MY_ENV['GESHI_LOC'] = "/path/to/docmint/engine/geshi";
$MY_ENV['GESHI_LANG_LOC'] = "/path/to/docmint/engine/geshi/languages";
$MY_ENV['BASE_WYSIWYG_URL'] = "/path/to/docmint/engine/javascript/xinha
";
?>
You can see that it is possible to move
parts of the Docmint system around by altering the confugre.php file manually. The
only two variables which need a HTTP access are the upload folder and the
WYSIWYG editor Xinha.
For security reasons we advise you to move
the 'engine' folder and the 'PEAR_local' folder (if used at all) outside of
your web accessible area of the server. Then, manually, move the folder 'javascript'
somewhere where it can be accessed through HTTP. The upload folder should not
be affected when you move the engine around. If you run multiple instances of
Docmint you might want to have a new instance of the upload folder anyway, so
better duplicate it.
There are no user contributed notes for this page.
Multiple instances of Docmint
