Securising of SQLiteManager
How to Install Secure
We now proceed to a secure facility for SQLiteManager on a Linux server with Apache installed from source.
Replace the parameter values below the values corresponding to your installation:
ServerRoot |
/usr/local/apache/ |
DocumentRoot |
/usr/local/apache/htdocs/ |
httpd.conf |
/usr/local/apache/conf/ |
User |
apache |
Group |
apache |
The first thing to do is create a directory that contains the different SQLite, it must necessarily be accessible via Web:
mkdir / usr / local / apache / sqlitedb /
chown apache: apache / usr / local / apache / sqlitedb /
chmod 700 / usr / local / apache / sqlitedb /
Then edit the file /usr/local/apache/htdocs/SQLiteManager-XYZ/include/user_defined.inc.php, the following parameters:
define ( "sqlitedb", "/usr/local/apache/sqlitedb/config.db");
define ( "DEFAULT_DB_PATH", "/usr/local/apache/sqlitedb /");
Then move the different databases:
mv /usr/local/apache/htdocs/SQLiteManager-XYZ/include/*. db /usr/local/apache/sqlitedb/
mv /usr/local/apache/htdocs/SQLiteManager-XYZ/test.sqlite * /usr/local/apache/sqlitedb/
Then, if the server is accessible via the Internet, it is strongly recommended to establish a restricted access using a user authentication.
Edit the file: /usr/local/apache/htdocs/SQLiteManager-XYZ/include/user_defined.inc.php then modify the following parameters:
define ( "WITH_AUTH", true);
define ( "ALLOW_CHANGE_PASSWD", true);
Thus, users must enter a username and password to access to SQLiteManager and an opportunity to change their password!
Different users by default are:
User |
Username |
Password |
Administrator |
admin |
admin |
Data |
data |
data |
Guest |
guest |
guest |
3 new links appear on the homepage:
As administrator, you have access to the link 'privilege' to manage groups and users.
The links are disconnection as the name implies, allows exiting.
And the link 'Change Password' allows everyone to customize his password:
Management of privileges by the administrator
The group management is based on the same principle:
|
Different privileges are to:
Properties |
Allows changing the properties of different objects |
execSQL |
Authorizes the execution of manual queries |
data |
Allows changing data in tables |
Export |
Authorizes export |
empty |
Authorizes the full dump table |
del |
Authorizes the removal of objects |
|