julienmalik
commented
9 years ago I tried quickly but the PluXML code does not seem to be prepared for having data outside the www dir.
Another option is to deny the data dir directly in nginx conf, which I provided in https://github.com/matlink/pluxml_ynh/pull/6
matlink
Currently there is a big security flaw. You access all the data dir from your browser. This is because .htaccess are apache-only, and nginx does not do anything with them.
A solution would be to move data to /home/yunohost.app/pluxml