Fix #12607: Update installation instructions regarding admin directory

The /admin/ directory should be removed after installation or upgrading of MantisBT. The installation instructions did not state this requirement and therefore it was quite easy for users to leave this potentially dangerous directory in place on live installations of MantisBT connected to the Internet.
mantisbt · Dec 15, 2010 · 065c99c · 065c99c
1 parent 974e6da
commit 065c99c
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/doc/INSTALL b/doc/INSTALL
@@ -31,6 +31,10 @@ INSTALLATION
  * Installation is complete -- you may need to copy the default configuration
    to mantisbt/config_inc.php if your web server does not have write access
 
+ * Remove the admin/ directory from within the MantisBT installation path. The
+   scripts within this directory should not be accessible on a live MantisBT
+   site or on any installation that is accessible via the Internet.
+
 UPGRADING
 
  * Backup your existing installation and database -- really!
@@ -50,5 +54,8 @@ UPGRADING
 
  * Click install/upgrade
 
- * Upgrading is complete
+ * Remove the admin/ directory from within the MantisBT installation path. The
+   scripts within this directory should not be accessible on a live MantisBT
+   site or on any installation that is accessible via the Internet.
 
+ * Upgrading is complete