Trying to get The top 2 things in Security to show secure - followed instructions by using apanel to set password and uncommented the 2 htaccess files last 4 lines - restarted server - cleared cookies - but still show unsecure? Only in the "User Management Security" section is there a problem not in the "Server Security" section which updated to show secure? What do you think I am doing wrong using version 3.5. See below. User Management Security This part of the security center will check all user management settings to make sure that everything is set. It will tell you if something needs to be changed. SECURITY MSG STATUS Admin Panel If the username/password is still set to root, then you probably need to change this by clicking the UNSECURE link. UNSECURE Personal Server If the username/password is still set to root, then you probably need to change this by clicking the UNSECURE link. UNSECURE MySQL Server If the password is still set to root, then you probably need to change this by clicking the UNSECURE link. SECURE Server Security This part of the security center will check and make sure the server settings are appropriate and set corectly. SECURITY MSG STATUS Local View Due to the fact that some PC's have a different hostname set rather than localhost, we use the IP method here. This checks to make sure that you are viewing the Admin Panel (this) from local. SECURE PHP Safe Mode This checks to see if PHP is running in SAFE MODE. Now, PHP does not have to run in SAFE MODE, but if you want the extra security, you can set it by clicking on the UNSECURE link. UNSECURE Admin Panel Access While this is another feature that is not throughly important as other features are in place against outside access to the Admin Panel, this checks to see if your Admin Panel is secured using the Auth method. Please change this by editing the w:/home/admin/www/.htaccess file. SECURE Server Access If you are running your server in Production Mode, Skip this one. If not and you would like to add more security to the server by blocking it using the Auth method, then change this in by editing the w:/www/.htaccess file.