|
Web Wiz Forums Securing Your Access Database
Don't be a victim to a hacker!!
By not securing your Web Wiz Forums Access database a hacker can download the database and use the data from within it to hack your forum.
Follow the simple instructions below to find out how to secure your forums Microsoft Access database.
For security it is highly recommended that you move the location of the Access Database to a folder above the root directory of your web site where it can not be accessed using a web browser, good web hosts will have a directory set up for this usually called 'private', 'database', or 'db'.
For the purposes of this exercise we will presume the tree structure of your website is similar to below:-
- Locate the file
 wwForum.mdb found in the 'database' directory (this is Web Wiz Forums Access Flat File Database).
- Move the wwForum.mdb file to a secure location, usually above the root of your web site's public directory on the server, where it can not be accessed using a web browser. Good web hosts will have a directory set up for this usually called 'private', 'database', or 'db'. If you are uncertain of the location of your private database directory contact your web host.
- Edit, with a text editor, the file 'database_connection.asp' found in the 'database' directory. In this file you will find the following line of code: -
strDbPathAndName = Server.MapPath("database/wwForum.mdb")
- Update the path marked in red (database/), to the new path to the database directory wwforum.mdb is within. The path needs to be the relative path from the directory you have placed your forum in. (tip: to move up a directory use ../ eg: "../db/wwForum.mdb").
- Save the amended file and upload it to your web space overwriting the original 'database_connection.asp' file.
|
|
|
