by 3amOpsGuy
5076 days ago
I get the impression you're thinking "secure" is a boolean, if anything it's a floating point. By that I mean "is it secure?" could be viewed as a naive question; a better question could be "how secure is it?"

>> NB: The next point is

Yes, but I didn't want to write a counter point to each point. I'd taken the view from the listing of possible problems presented that the basics weren't being considered. It reads as a list of random points in a large space rather than a comprehensive listing. To give a specific example, the article talks about writable concerns when really we want to be ensuring readable gets the same treatment.

>> even if it's in the web directory, can't leak the data without some other compromise

Or a config error (a botched upgrade disabling mod_php could do the trick, or more obscurely a content negotiation oversight), or a leaked backup (another common one - storing random backups under www root)... There's more than one way to skin a cat as they say.

>> If I can even connect

You're often better to view security as something you provide in layers. I wouldn't expect to be able to hit port 3306 from here, but if you're not expecting me to ever be inside your network, then privilege escalation is going to be fairly quick for me once I surprise you by getting in.
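The two "readable" exposures the comment raises, config files any local account can read and backups left under the web root where the server will serve them as static files, as an added shell audit that is not from the thread. The sample tree, file names and extension lists are constructed for the demo; adjust them to the site being checked.

```shell
#!/bin/sh
# Added example, not from the original thread: audit a document root for
# (1) secret-bearing files that are world-readable and (2) backup/dump
# artifacts sitting under the web root. Paths and names are constructed.

# One finding per line: "<kind>: <path>".
audit_webroot() {
    root="$1"
    # 1. Config/source files with the other-read bit set (-perm -004).
    #    Only the owner and the web server group should be able to read these.
    find "$root" -type f \
        \( -name '*.php' -o -name '*.inc' -o -name '*.ini' -o -name '*.conf' -o -name '.env' \) \
        -perm -004 -print | sed 's/^/world-readable: /'
    # 2. Backups and dumps under the root. Permissions do not help here: the
    #    server process can read them, so it will hand them to any client.
    find "$root" -type f \
        \( -name '*.bak' -o -name '*.old' -o -name '*~' -o -name '*.sql' \
           -o -name '*.sql.gz' -o -name '*.tar.gz' -o -name '*.zip' \) \
        -print | sed 's/^/backup-in-webroot: /'
}

# Number of findings; a cron job or CI step can fail when this is non-zero.
audit_count() {
    audit_webroot "$1" | wc -l | tr -d ' '
}

# Build a constructed sample web root so the script runs offline.
make_sample_webroot() {
    dir=$(mktemp -d)
    mkdir -p "$dir/includes"
    printf '<?php $db_pass = "example";' > "$dir/includes/config.php"
    chmod 644 "$dir/includes/config.php"   # world-readable: finding
    printf '<?php echo "hi";' > "$dir/index.php"
    chmod 640 "$dir/index.php"             # owner+group only: no finding
    printf 'dump' > "$dir/site-backup.sql"  # backup under web root: finding
    printf 'img' > "$dir/logo.png"          # benign static asset
    echo "$dir"
}

# Demo run against the constructed tree.
sample=$(make_sample_webroot)
audit_webroot "$sample"
rm -rf "$sample"
```

The first check treats permission as the control, the second treats location as the control: a dump under the document root is exposed no matter how it is chmod'ed, which is the distinction the comment draws between "writable" and "readable" concerns.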