Re: Re: TikiWiki security problem?
> Always keep upto date with the latest TikiWiki release. And protect your Apache with a .htaccess file to disallow access to files and folders, that shouldnt really be in the docroot.
>
> Examples and details of these are within the articles on tikiwiki.org.
Don't quite understand. Have looked at http://tikiwiki.org/tiki-index.php?page=TikiSecurity&highlight=security
What does the following mean? Do I simply copy and paste into my .htaccess file?
AuthType Basic
AuthUserFile /dev/null
AuthGroupFile /dev/null
Require valid-user
> ** Make sure you are running at least 1.9.2 minimum! All previous releases are insecure. 1.8 releases are no longer maintained and should be upgraded to 1.9.2 with immediate effect.
Actually, I've already upgraded to 1.9.2. Still...