Script Pulse

Trade Pulse => Trade Pulse Support => Topic started by: Vas on January 07, 2012, 10:43:06 AM

Title: tp/data/ folder is accessible for everyone ??
Post by: Vas on January 07, 2012, 10:43:06 AM

Hi ... when I log in, I get:

Important notice
It looks like your tp/data/ folder is accessible for everyone.
It's SERIOUS SECURITY HOLE and must be solved asap! IF you are using Nginx webserver, ask your server support to protect 'tp/data' folder for accessing from the web.

Would 775 permissions sort this out ?

Please let me know, otherwise I can only protect this using a password on Lighttpd ... that would make matters worse I think !

Title: Re: tp/data/ folder is accessible for everyone ??
Post by: henta0578 on January 07, 2012, 01:29:46 PM

I have nginx and I added this in my configuration file:

    location /tp/data/ {
    deny all;
    }

Everything seems to still work fine.

Title: Re: tp/data/ folder is accessible for everyone ??
Post by: Vas on January 08, 2012, 03:42:50 AM

henta0578,

Thanks, it is something similar in Lighttpd, I managed to fix it  :)