Hardening suggestion

Post by Pierre M. »

Hello,

I'm forwarding (to the DevTeam and -?- module maintainers) a suggestion from the French-speaking forum:

Add some "deny from all" .htaccess to the default tarball in security sensitive folders like /tmp /lib/subdirs /whatelse

The default tarball has already incorporated fake index.html in such locations to prevent directory listing even on a misconfigured webserver and I like it. Default "deny from all" .htaccess wouldn't hurt either, would they?
Or it could be sample-to-be-renamed htaccess.txt like the URL rewriting one provided?

Pierre M.

Re: Hardening suggestion

Post by Ted »

Problem with .htaccess files is that if the server doesn't like them, it'll do a 500 error on any request in that directory until it's removed. That, and there are issues on Windows machines with files that start with a . -- so chances are a lot of them would never get uploaded anyway because of the FTP client ignoring them.

Unfortunately, education on these matters is still the best course of action.
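
An added example, not part of the thread and not CMS Made Simple code: a shell audit for the two guards discussed above (the placeholder index.html and a deny-all .htaccess), which flags a directory whose dotfile never arrived after upload. The function names and the directory list passed on the command line are assumptions; the deny rule is matched in both the Apache 2.2 and 2.4 spellings.

```shell
#!/bin/sh
# Added example: audit directories of an uploaded install for the guards
# discussed in the thread. Usage: sh audit.sh /path/to/install tmp lib ...

# check_dir DIR -> prints one status word and returns 0 only for "ok":
#   ok           deny rule in .htaccess and placeholder index.html present
#   no-htaccess  .htaccess missing (for example dropped by an FTP client)
#   no-deny      .htaccess present but contains no active deny rule
#   no-index     deny rule present, placeholder index.html missing
check_dir() {
    dir=$1
    if [ ! -f "$dir/.htaccess" ]; then
        echo "no-htaccess"; return 1
    fi
    # Accept "Deny from all" (Apache 2.2) or "Require all denied" (2.4).
    # Anchoring at line start skips rules that are commented out with '#'.
    if ! grep -Eiq '^[[:space:]]*(deny[[:space:]]+from[[:space:]]+all|require[[:space:]]+all[[:space:]]+denied)' "$dir/.htaccess"; then
        echo "no-deny"; return 1
    fi
    if [ ! -f "$dir/index.html" ]; then
        echo "no-index"; return 1
    fi
    echo "ok"
}

# audit ROOT REL... -> prints "status<TAB>relative-path" per directory and
# returns non-zero if any directory is not "ok".
audit() {
    root=$1; shift
    failures=0
    for rel in "$@"; do
        result=$(check_dir "$root/$rel") || failures=$((failures + 1))
        printf '%s\t%s\n' "$result" "$rel"
    done
    [ "$failures" -eq 0 ]
}

# Run only when an install root and at least one directory are given.
if [ "$#" -ge 2 ]; then
    audit "$@"
fi
```

The audit only inspects files on disk; whether the server honours the rule still has to be confirmed by requesting a file in that directory and checking for a 403.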