20 Nov
2005
20 Nov
'05
4:28 p.m.
Hi all
while speaking with friend about some recent security issues, we came to quite obvious idea, that access to /libraries folder should be disabled (by providing .htaccess file and suggesting same configuration in documentation) and all stuff that needs direct access should go out of this folder. Stuff that I quickly found that needs to be moved:
- *.js - create /js folder for it? - libraries/transformations/overview.php - should be IMHO in root anyway
Is there something else I missed? Any comments on implementing this in 2.7.0 branch?
--
Michal Čihař | http://cihar.com