VaultWiki provides .htaccess files in some directories to protect the contents from prying eyes.
In newer versions of VaultWiki, if these directories could be accessed by the public, then you would start to see fatal errors in your logs from direct access to these files. In some cases, because of the way PHP displays fatal errors, leaving these files unsecured could allow the public to see the full path to the unsecured file.
If your web server does not support .htaccess files, then you must take measures yourself to deny all external access to the following directories:
- vault/core
- vault/helper
- vault/install/lib
- vault/plugins
This page has been seen 166,193 times.
-
-
Created by on
-