I have set up mysql, php, and php-nuke on a server and its working great.
The setup program defaulted my sql admin to root:(blank pw)
even if i change the pw to something secure, whats to stop someone from going to my site, looking in the config.php file, and using the specified username="" and password="" fields to fish around or destroy my database? How does this work and how can i make it secure?
thanks in advance
-Kris