Closed julienmalik closed 9 years ago
I tried quickly but the PluXML code does not seem to be prepared for having data outside the www dir.
Another option is to deny the data dir directly in nginx conf, which I provided in https://github.com/matlink/pluxml_ynh/pull/6
Nginx restricts the data folder
Currently there is a big security flaw. You access all the data dir from your browser. This is because .htaccess are apache-only, and nginx does not do anything with them.
A solution would be to move data to /home/yunohost.app/pluxml