[TYPO3-UG UK] Typo 3 Instalation

[Matthew Manderson]

> I have installed my typo 3 to my server and it is still visiable, can
> you safely delete the install folder, without any problems as I am
> worried about security issues.

No you won't want to do that because in fact the 'install' is not really an
install tool but a core installation configuration tool. Another TYPO3
unfriendly term.

You will recall many modern php scripts encourage you to delete the install
scripts for security reasons and hence your anticipation.

Do you recall in your TYPO3 install proceedure that you commented out a die
command in the install php file? Well just uncomment it back in again. When
you need the install tool again, which you will do frequently to change
core installation values, just comment the die command. Access the file
manually with your ssh shell or ftp.

If you are worried about security make sure you set good Back end passwords,
and set the Random key and set the install tool password to something even
stronger and do die command.

This will be pretty good at protecting TYPO3. But it will not be enough to
protect your web server in which case you need to think about wider issues.
Often the crossover will be file permissions so avoid setting 777 on your
TYPO3 files eh!

The strength in your TYPO3 now lies in your server and outside the scope of
this dicussion.

If you Google for "TYPO3 security" :-) you might find more info.

Enjoy!
Matthew