... | ... | @@ -17,6 +17,8 @@ Be careful when you update RosarioSIS. If you overwrite the files, the above fil |
|
|
|
|
|
The **_.htaccess_** file prevents access to the _config.inc.php_ file. You can add this rule to your site / Apache configuration and remove the _.htaccess_ if you want to avoid the use of _.htaccess_ files for performance reasons.
|
|
|
|
|
|
Change the usernames and passwords of the default set of users (_admin_, _teacher_, _student_, _parent_) and adopt a [password policy](https://www.sans.org/security-resources/policies/Password_Policy.pdf).
|
|
|
|
|
|
Finally, and more generally, here is a good set of rules to block attacks: [**5G Blacklist 2013**](http://perishablepress.com/5g-blacklist-2013/)
|
|
|
|
|
|
But you should remove this line for RosarioSIS to work:
|
... | ... | |