[Mediawiki-l] Security - MediaWiki 1.9.2
Michael Daly
mikedaly at magma.ca
Thu Mar 8 03:47:38 UTC 2007
Roger Chrisman wrote:
> Luckily my MySQL pw and username are *above* that in LocalSettings.php
> so they did not get out.
You can take the passwords and user IDs out of LocalSettings and move
them to another another file in another directory. In
LocalSettings.php, put something like:
require_once( "externalIncludes/mySQLDetails.php" );
$wgDBserver = $db_host;
$wgDBname = $db_name;
$wgDBuser = $db_user;
$wgDBpassword = $db_password;
Then in the directory externalIncludes put a file mySQLDetails.php with
content:
<?php
$db_host="hostname";
$db_name="dbname";
$db_user="username";
$db_password="password";
?>
Of course, the actual values are what you are using for your
configuration.
You can ensure that that directory is not accessible directly so no one
can view the file.
Mike
More information about the MediaWiki-l
mailing list