Hi GIJOE,

Sorry for being a pain in the butt, but I want to be 100% clear here. My site was hacked last week with an SQL injection attack (hence why I'm installing protector) and I am really wanting to make sure I have this totally correct.

Quote:
When setting the permissions for Protector, is it necessary to select ALL, or can you just select the protector block for each group (apart from webmaster which should have all access).

I suppose my question is are there any security issues with granting all permissions as it would give the module admin permission to all users, and if so what are the minimum permissions needed to have protector work?

Also, do you need to set the proctor block to be displayed on all pages, or is just having it on the top page enough? Just thinking for visitors not entering via the front page might not go through protector otherwise.