Print

[jenepherre]

I know with other PHP scripts/programs I've used, you're usually told to delete the config.php file to prevent possible security loopholes.  I didn't see anything saying what files should be deleted after installation in the install instructions (which seem very... brief compared to the install instructions for the last version... am I wrong about that?  I wish you went into more detail...).  :|

Can you tell me which files should be deleted, if any, and also which files are safe to delete?  I assume the docs folder doesn't actually have to be on the server, right?  What else?  :?:

Thanks in advance,
Jen
===============================
Jen Robertson
B/J Journal Archives: http://bj.irishcaelan.com/
jen_robertson@sbcglobal.net
===============================
"The only constant is change."
 - Trance Gemini,
"Gene Roddenberry's Andromeda"

[hyperion]

You can leave all files on the server if you wish, as Coppermine locks the installation once it has run.

However, if you wish to save space, you can get rid of install.php, the documentation, and any languages or themes you are not using. Also, xp_publish.php can be removed if you do not want to allow uploads using the XP Publishing utitlity.

You can remove the config.php if you desire, but you will need to put it back anytime you want to change the gallery config.  It is secure, so there is really no need.

I know of one user who had someone try to brute-force attack the login.php script (30,000 requests per hour), so he removed it (he was the only user).  If you needed to login, you could put it back.

Again, all the files have authentication controls, so it is not really necessary to remove anything.

Directory permissions are more important, and you should basically avoid 777 permissions whenever possible.

[jenepherre]

Thanks so much!  Just the info I needed.