Having a fully functioning e-mail delivery system, we now want to ensure that we secure it as best we can, namely, by preventing both unauthorized access and exposure to potential vulnerabilities.
In this chapter, you will learn some techniques to further restrict and secure your phpList installation. These include:
.htaccess mod_access
restrictions mod_auth)
passwordYour password is the "key" to your phpList installation. Just as you wouldn't leave your house keys outside the front door, or your PIN number written onto your bank cards, security begins with effective password management.
A strong password is one that is difficult to detect by humans or computers. It is generally accepted that a strong password:
There are several websites that will help generate / validate strong passwords. (Just search the web for "how strong is my password?").
Hopefully, you'll already have changed the "admin" password from the default "phplist", but make sure it's set to a strong password that won't be guessable (that is, if your domain is "fuzzyslippers.com", don't make the password "fuzzyslippers!").
To change the admin password, click on the admins link on the main page:
Click on your admin account (you can have multiple administrators):
Change your password (displayed in clear text) and click on Save Changes:
18.189.180.43