In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

View Revisions: Issue #947 Back to Issue ]
Summary 0000947: Create new folder with restricted access from Web
Revision 2011-05-19 16:18:03 by Dmitry
Description Currently most of the logs and debug info can be accesses via Web which is high security risk.

To address this we need to create a new folder under "/system" with restricted access from Web.

Folder name will be ".restricted", it will have 777 permissions and will be used for:

1. ALL type of logs (gateways, shipping, PHP, Web requests)
2. Debug files

NOTES:

1. all of above Logs should be checked and updated to use this NEW folder.

2. add .htaccess which will deny any access to that folder.


Revision 2011-05-18 13:16:38 by Dmitry
Description Currently most of the logs and debug info can be accesses via Web which is high security risk.

To address this we need to create a new folder under "/system" with restricted access from Web.

Folder name will be ".restricted", it will have 777 permissions and will be used for:

1. ALL type of logs (gateways, shipping, PHP, Web requests)
2. Debug files

Note that all of above Logs should be checked and updated to use this NEW folder.
Revision 2011-05-18 13:16:38 by Dmitry
Additional Information New setting in config.php RestrictedPath = "/system/.restricted"
Revision 2011-04-04 11:59:50 by Dmitry
Additional Information



Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker