The first thing you should do is store your databases in a folder that is
not accessible from the Internet (out of your web root). For example:
Your websites could be in c:\inetpub\wwwroot\mywebsite\
But you should store the databases somewhere else, eg:
c:\datasources\
Secure this directory and update CF Administrator to look here for
datasources instead. Don't think your databases have to be physically within
your web site for CF to access them.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Pooh Bear
Sent: Wednesday, 23 May, 2001 2:28 AM
To: CF-Talk
Subject: Compromising Security
hey, I was wondering what are the least amount of information someone needs
to compromise my database or code? I am.....err..."hacking?" my
site/database through the URL. So far, I've got 2 tablenames, the
datasource, and some field names. I dont want to have to do a lot of coding
to prevent this from being seen by someone else, but i will if have to, but
first i want to know if anyone could do anything with this much information.
Thanx! :)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists