I'm quite shocked to see the error log being placed inside the html document root at the path
This information is supposed to be confidential to the administrator. Is it by default the apache/opencart get installed this way? Could hackers modify this file and execute some damaging instructions as I see the file is rwxrwxrwx .
But you could keep the Directory, and/or the File extension from beeing called directly (.txt), by
use of .htaccess as well, by making it look like:
Code: Select all
# Prevent Direct Access to files <FilesMatch "(?i)((\.xml|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))"> Order deny,allow Deny from all </FilesMatch>
For Sale: Top URL's, including OpenCart V-Pro installed, like seen here:
http://www.bigmax.ch - http://www.ipcam.li - http://www.opencart.li
For Information + URL's offered, please contact me at: firstname.lastname@example.org
I am NOT available for Custom Support in existing OC Installations!
My Github Repositories: https://github.com/IP-CAM
Users browsing this forum: No registered users and 5 guests