Nginx rules in documentation should be updated

This forum has moved to a new location and is in read-only mode. Please visit talk.octobercms.com to access the new location.

Keios

10 years ago

Currently it's possible to download all and every .yaml file from plugins and modules folders. Those files contain database field definitions and shouldn't be available publicly. Daftspunk, please update nginx rules with:

location ~* (\.yaml) 
{
    return 404;
}

andrew

10 years ago

Everything within the app folder is already blocked.

Edit

I see what you mean. I'll add a pull request.

Last updated 10 years ago

1-2 of 2

You cannot edit posts or make replies: the forum has moved to talk.octobercms.com.

Latest from the blog

October CMS Celebrates 10 Years with the v3.7 Release

Today, October CMS celebrates a major milestone—our 10th anniversary! It's been a decade of growth, challenges, and incredible support from our amazing community. What began as a passion project has evolved into a platform we're proud of, thanks to your feedback and enthusiasm.

Continue reading →