Potential Security Risk: Database Backups [Archive]

Thank you for visiting. This is our website archive. Please visit our main website by clicking the banner above. vBulletin FAQ is dedicated to helping the forum owner build, manage and profit from his vBulletin Forum vBulletin Web Hosting - Free skins and styles for your vBulletin - Search Engine Optimization

vBulletin FAQ Forums > Building and Managing Your vBulletin Community > Setting up and Customizing your Forum > Potential Security Risk: Database Backups PDA Potential Security Risk: Database Backups Joeychgo 09-01-2005, 06:30 PM Scott MacVicar, vBulletin developer, has pointed out a potential security risk, leaving database backups generated from the admin panel in public accessible folders on the web server. It is recommended that all backups are saved in an alternate folder below the web root so that unauthorised users are unable to download this backup. In an attempt to resolve any confusion in future releases vBulletin will have suffixed the database backups with a random 5 character string and a more visible warning to administrators within the backup page. noppid 09-01-2005, 06:42 PM I read that, however, he has it backwards it would seem. You walk the file system tree downward into folders. The backups should be in a folder ABOVE the public root folder. The tree of a typical account is /home/accountname/public_html public_html being the web root, the public folder. The folder /home is referred to as the TOP level directory. The backups should be in /home/accountname/backup_file.sql Better yet, create a folder called backup. ie. /home/accountname/backup and store your backups as /home/accountname/backup/backup_file.sql for better organization.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35