Security FAQ?

[Skyview]

Not sure if this is the right place for this, but here goes. Is there any type of security FAQ or guidelines for installing, configuring, and maintaining TP? What I'm talking about is something like tips on making it as secure as possible, both in terms of software settings within TP, and filesystem level things that can be done. I did a search on security and didn't find anything like that. I think it would be good to maybe add a section to the forum for such topics.

[G6Cad]

At this time there isent a collected FAQ for those things more then what you might find in the forum or in the faq and doc section we have.
TP is still in Beta testing and Bloc is changing things about all the time, so write up diffrent documentations when we still testing it is like a drop in the ocean and try to find that drop there again.

We will however work on them, but at this time we doesent have all that much more then basics on how to 

[Skyview]

OK. I realize the software settings recommendations could change significantly depending on changes that are made before 1.0, but I'm thinking any file system recommendations probably would stay more or less the same (i.e. chmod directory x and y to 644, etc.) Look forward to any tips that may be available or if others have recommendations based on your experiences with TP and SMF please post and share. Maybe we can start a initial list of security best practices  :up:

[G6Cad]

TP uses SMF files more or less for security. So most docs on how the files should be set to be safe is documented on simplemachines.org

[bloc]

Thats correct..the sources folder and templates/themes folder follows SMF documentation on security. There are the tp-downlaods and tp-images folders which both needs to be writable, but tp-downloads has a htaccess file to prevent admission other from within TP.