tell user to protect the conf directory

otherwise settings.xml will be visible to the world.
2025-03-11 16:35:38 +00:00 · 2015-11-09 09:16:13 +01:00 · 2015-11-09 09:16:13 +01:00 · 1f89b476a2
commit 1f89b476a2
parent 525dc8a9ea
1 changed files with 9 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -231,7 +231,15 @@ full text search engine support, you will also need to unpack
  but not accessible through the web.

 For security reason the data folder should not be inside the public folders
-or should be protected by a .htaccess file.
+or should be protected by a .htaccess file. The folder containing the
+configuration (settings.xml) must be protected by an .htaccess file like the
+following.
+
+	> <Files ~ "^settings\.xml">
+	> Order allow,deny
+	> Deny from all
+	> </Files>
+

 If you install SeedDMS for the first time continue with the database setup.