SmallMart
SmallMart Community
Documentation

SECURITY.md

Back to Docs

Security Notes

Hosting

  • Use HTTPS
  • Keep PHP updated (8.1+ recommended)
  • Turn off `display_errors` in production
  • Use sane permissions:
- `data/` writable by PHP - other files read-only

Accounts

  • Change default admin password immediately
  • Use strong passwords
  • Rotate credentials if staff changes

Mods/Themes

Only install mods/themes from sources you trust. Review code before enabling on a production store.