Project

General

Profile

Actions
Copy link

Bug #22513

closed

Changelog, README, NEWS files should be blocked via htaccess

Added by Oliver Klee about 14 years ago. Updated about 10 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2010-04-26
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.4
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

OTRS Ticket ID: 2010042610000013

Files like Changelog, README, NEWS.txt etc. that are publicly visible
allow easy scanning for vulnerable TYPO3 or extension versions.

So TYPO3's default .htaccess should deny access to these files by default.

(issue imported from #M14203)

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Task #23078: Ship .htaccess with a Deny rule for *.sqlClosedMarkus Klein2010-07-02

Actions
Actions
Copy link

Also available in: Atom PDF