Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product

Improve Vanilla Security by Default - Deny Viewing the Cache

mtschirsmtschirs ✭✭✭
edited August 2015 in Development

I would suggest to make vulnerability discovery in Vanilla harder by removing web access to the cache directory (or relevant parts of it). E.g.

I suggest adding some rules to the .htaccess file that comes 'preinstalled' with Vanilla.




Sign In or Register to comment.