Login :: Sitemap :: Contacts

 SUMO Homepage > Documentation > Security startup guide
Security startup guide
  • After installation process verify files permissions (not for Windows systems):

    -rw-r-----   (chmod 640) for files
    drwxr-x---   (chmod 750) for directories
    			
    Some hosting services require more provileges on files and directories (found on RedHat AS).
    If you have errors on permissions try to use 644 (HAAARR!!!) for files where was 640 and 755 (HAAARR!!!^2) for directories where was 750.

  • If you can create a specific user for SUMO database it would be better thing. So, change default user and password to connect to it (see your database manual for details).
    Remember to set correct database user and password in <sumo_dir>/configs/config.database.php.

    See security section of your database documentation for more informations about security on database server ( for MySQL see http://dev.mysql.com/doc/refman/5.0/en/security.html).

    SUMO does not apply any special security methods to your database server. It is still the system administrator's job to grant permissions on your database properly.
  • Set SUMO_VERBOSE_ERRORS to false to hide any errors on <sumo_dir>/configs/config.server.php:

    /**
     * if TRUE display any error, default is FALSE
     * for security reasons
     */

    define ('SUMO_VERBOSE_ERRORS', false);
  • Change default sumo user password after first access to Sumo Control Panel:

    Users & Groups -> Users -> click on user "sumo" ->

    -> Edit user -> Security options -> Insert new password ->

    -> retype new password -> click on "Ok"