On 05/24/2011 03:14 PM, Justin B Rye wrote: > Another approach: > > _Description: Mantis setup password: > The Mantis admin directory will be protected via htaccess, allowing > only the user "admin" to configure Mantis. Please specify a password > for this user. Nice approach ... More info ... Mantis works on this way: - it places the database install tools under "admin directory" - the access to the "install" page is not protected (never) - assumes that users are going to delete admin directory when they finish (there are a lot of reminders and warnings) The best way I found to protect this directory is using a web server protection, and I would like the people have a clear notice about what are they doing. Then, what about this.. ------------------------- _Description: Mantis setup Web server protection username: For security reasons, the Mantis administration directory will be protected via htaccess, allowing only the protected user to access database configuration. . Please specify a username. _Description: Mantis setup Web server protection password: For security reasons, the Mantis administration directory will be protected via htaccess, allowing only the protected user to access database configuration. . Please specify a password for the username. ------------------------- Maybe recursive descriptions are not properly, but in that case I think is important. I prefer not to use in the description the word "admin", because I think it will confuse people. I use it just as a default value to setup the username. Thanks a lot for your help, Kind regards, Sils
Attachment:
signature.asc
Description: OpenPGP digital signature