In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

Relationship Graph View Issue ] Dependency Graph ]
related to child of duplicate of

Viewing Issue Simple Details
ID Category Type Reproducibility Date Submitted Last Update
0000947 [In-Portal CMS] Security bug report always 2010-12-13 10:09 2011-09-19 16:08
Reporter Dmitry View Status public  
Assigned To alex
Priority normal Resolution fixed  
Status closed      
Summary 0000947: Create new folder with restricted access from Web
Description Currently most of the logs and debug info can be accesses via Web which is high security risk.

To address this we need to create a new folder under "/system" with restricted access from Web.

Folder name will be ".restricted", it will have 777 permissions and will be used for:

1. ALL type of logs (gateways, shipping, PHP, Web requests)
2. Debug files


1. all of above Logs should be checked and updated to use this NEW folder.

2. add .htaccess which will deny any access to that folder.

Additional Information New setting in config.php RestrictedPath = "/system/.restricted"

Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker