Hi guys,
This is my first visit to the site. Of course it's trouble that brings me knocking! I installed that really nifty protector module last night, but have a couple of problems I'm not sure how to solve. Help is greatly appreciated.

I looked in the root folder where I installed xoops but don't see ".htaccess". Do I just create a text file called ".htaccess" using notepad? If so what extension do I give it?

register_globals' : on Not secure
This setting invites a variety of injecting attacks.
If you can put .htaccess, edit or create...

/home/geeklock/public_html/.htaccess

php_flag register_globals off
I found my "php.ini" file and permissioned to 777. I inserted "php_admin_flag allow_url_fopen off" and saved the file back to the public_html folder, but I still get a warning. Also I didn'tt see the "httpd.conf" file. Does Does the script to be placed in a certain place in the php.ini file?

'allow_url_fopen' : on Not secure
This setting allows attackers to execute arbitrary scripts on remote servers.
Only administrator can change this option.
If you are an admin, edit php.ini or httpd.conf.
Sample of httpd.conf:
php_admin_flag allow_url_fopen off
Else, claim it to your administrators.

Last questions I have are:
Should I set the php.ini file to 644 or 444?
If using my host site password protection. Should I just password protect the entire public_html folder?

What other precausions shoud I take to protect my site?

Thanks guys.

don (el paso)