XF 1.4 Securing XenForo directories

S

Sharkodile

Member
I have password protected the install folder and admin.php/admindav.php files. My question is, does the same need to be done to data, internal_data, js and library?

Should be worried about people trying to access files in these directories by typing in, say, "<url>/library/config.php"?
 
Sort by date Sort by votes
The out of the box configuration (for Apache) blocks all access to the library and internal_data directories. (The friendly URL config for Nginx also blocks them.)

Your data and js directories need to be accessible though.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

7ore
  • Question Question
Is git a good idea for securing xenforo
Replies
0
Views
60
7ore
7ore
E
  • Question Question
XF 1.5 Moving of Xenforo Directories
Replies
2
Views
567
Mike
Mike
Fufu
  • Question Question
XF 1.4 What directories in xenForo to CHMOD?
Replies
3
Views
1K
Karelke
Karelke
Simon
  • Question Question
securing xenForo
Replies
7
Views
2K
maidos
M
polkunus
  • Question Question
Getting Server Errors after Moving XenForo Directory
Replies
14
Views
2K
Ezenity
Ezenity
Back
Top Bottom