Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Improve Vanilla Security by Default - Deny Viewing the Cache

mtschirsmtschirs ✭✭✭
edited August 2015 in Development

I would suggest to make vulnerability discovery in Vanilla harder by removing web access to the cache directory (or relevant parts of it). E.g. http://vanillaforums.org/cache/p_core_library_map.ini

I suggest adding some rules to the .htaccess file that comes 'preinstalled' with Vanilla.

-

peregrineBleistivtrbrahmsonvrijvlinder

Comments

Sign In or Register to comment.