0
I have transferred a PHP/mySQL site to a different ISP. The clients want to protect access. I don't really want to change the Admin login - that is programmed using salt.
I was thinking of creating a new u/p with admin (not root) privileges for them, and disabling the root password in their database.
Does anyone see any issues with this approach?
Many thanks
Thanks iTom (great name). However, at the moment, the original developer could access the site admin control panel using the original, encoded password, and potentially, this could lead to problems. (delete customers, delete orders, etc). If I disable the account (not delete), then if we need to activate it, we still could. What do you think? – David DelMonte – 2011-12-04T22:22:07.957
If your really against changing the password then yes that seems like a valid option. – iTom – 2011-12-05T08:36:13.427
I hear you but while I'm a reasonably good programmer, with this app, I do not know the overblown development well enough, and feel I only know enough to be dangerous right now.. We will hire someone soon.. – David DelMonte – 2011-12-05T12:55:49.113