I'm quite shocked to see the error log being placed inside the html document root at the path
This information is supposed to be confidential to the administrator. Is it by default the apache/opencart get installed this way? Could hackers modify this file and execute some damaging instructions as I see the file is rwxrwxrwx .
But you could keep the Directory, and/or the File extension from beeing called directly (.txt), by
use of .htaccess as well, by making it look like:
Code: Select all
# Prevent Direct Access to files <FilesMatch "(?i)((\.xml|\.txt|\.tpl|\.ini|\.log|(?<!robots)\.txt))"> Order deny,allow Deny from all </FilesMatch>
For Sale: Top URL's, including an OpenCart V-Pro Shop!
A wide range of matching Designs can be seen here: http://www.opencart.li
For Information on URL's offered, please contact me at: email@example.com
Hundreds of Mods in 380+ Repositories for OC v.1.5.x - v.2.3.x
to be found on my Github Site: https://github.com/IP-CAM
Users browsing this forum: No registered users and 11 guests