<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>TWIG Administrators Manual - 5. Security</title>
<meta name="Microsoft Border" content="tb, default">
</head>

<body><!--msnavigation--><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td>

<table border="0" width="100%">
  <tr>
    <td width="50%" valign="bottom">
      <h1>TWIG Administrators Manual</h1>
    </td>
    <td width="50%" valign="bottom"><img border="0" src="images/twig.gif" align="right" width="153" height="75"></td>
  </tr>
  <tr>
    <td width="50%" valign="bottom">
    </td>
    <td width="50%" valign="bottom"></td>
  </tr>
  <tr>
    <td width="50%" valign="bottom">
      Return to <a href="index.html">Table of Contents</a>
    </td>
    <td width="50%" valign="bottom"></td>
  </tr>
</table>
<hr>

</td></tr><!--msnavigation--></table><!--msnavigation--><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><!--msnavigation--><td valign="top">
<h2>5. Security</h2>
<p>There are several issues with security, and this is only a brief overview of the issues.  Before implementing a TWIG server (or any Internet based    server) you should have a good working knowledge of Internet related    security.<br>
<br>
    To keep your configuration settings secure you need to make sure that    your web server pay's attention to .htaccess files.  To check to make    sure your configuration is secured, try accessing your config.inc.php3 file    using the following URL:<br>
<br>
	http://&lt;your server name>/&lt;twig home directory>/config/config.inc.php3<br>
<br>
    You should get an access denied message after a security dialog box pop's    up.  If you don't, please refer to your web server's documentation to&nbsp;<br>
    enable .htaccess files.<br>
<br>
    Another concern is connectivity between TWIG and the mail/database server. The most secure system is to have everything on the same server, otherwise    passwords may be transmitted across the net.  This is nothing specific to    TWIG, but instead is depended on the other servers.<br>
<br>
    The most obvious security concern in the transmitting of username/passwords    using basic or forms based authentication.  One possible solution to this    is to use an SSL capably browsers/server.</p>

<!--msnavigation--></td></tr><!--msnavigation--></table><!--msnavigation--><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td>

<hr>
<table border="0" width="911">
  <tr>
    <td width="418">
      Return to <a href="index.html">Table of Contents</a>
    </td>
    <td width="477" align="right">Return to <a href="#TOP">Top</a></td>
  </tr>
</table>

</td></tr><!--msnavigation--></table></body>

</html>