[ltb-dev] [LDAP Tool Box - Feature #623] (New) Add htaccess to ensure config/* files can't be read as test plain

noreply at lsc-project.org noreply at lsc-project.org
Fri Sep 27 10:33:47 CEST 2013


Issue #623 has been reported by Bruno Bonfils.

----------------------------------------
Feature #623: Add htaccess to ensure config/* files can't be read as test plain
http://tools.lsc-project.org/issues/623

Author: Bruno Bonfils
Status: New
Priority: Normal
Assigned to: 
Category: Self Service Password
Target version: 


I made a mistake when configure selfservice using php5-fpm. I enabled selfservice in https, therefore http doesn't handle PHP files,  so it was possible to read config/config.inc.php

Could be a good idea to add a .htaccess to ensure config files can't be read from a browser


-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20130927/7d72f4ca/attachment.htm>


More information about the ltb-dev mailing list