Closed williamdes closed 1 year ago
The most important is the phpsysinfo.ini file, access to which is denied in .htaccess. In addition, access to all files with the tmp and extension should be denied (most web servers have this by default). In .httaccess, files with the log extension are also blocked.
The most important is the phpsysinfo.ini file
Perfect that I moved it to /etc/ then :)
Folders language, plugins and templates can't be denied.
Okay, thank you
In the plugins folder only php files can be blocked
What are the security rules I can put?
Here is the configurations I provided for Debian users: https://salsa.debian.org/php-team/pear/phpsysinfo/-/tree/debian/3.4.2-2/debian/conf
But maybe there is more folders and files to deny access?