Secure directory

  • Resolved kimmwood

    (@kimmwood)


    2 years, 11 months ago

    Should the zbscrm directory have an .htaccess file or something similar to secure it?
    If someone knows the full path they can pull up the full file list. How do I secure this?
    thanks

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi @kimmwood,

    I’m not entirely sure what you are asking here.

    If you’re referring to the plugin directory, you’re welcome to put a .htaccess (Apache only) or index.html file in there, but there is really no reason to. The JP CRM core plugin is already freely available for anyone to download via www.remarpro.com repository here.

    If you’re referring to configuring web servers to not show directory listings, that should be done at the server level, and it is outside the scope of our support. I recommend reaching out to your host for further assistance.

    If you’re thinking of something else, would you explain a bit more in detail what you’re trying to achieve here? Is there a specific security vulnerability that you’re trying to prevent?

    Thread Starter kimmwood

    (@kimmwood)

    Thank you. I am just trying to make it not possible for anyone to be able to call up the uploads path and be able to view all files so I suppose an index.html would solve the problem. Most plugins already include this as standard but you do not seem to for some reason. Maybe this is something you could consider just to improve overall security?

    Hi @kimmwood

    Thanks for sharing more details.

    Please note that controlling directory listings is really the web server’s responsibility. However, our development team will consider adding this to the next release.

    I’m marking this thread as Resolved. If you still need help, definitely let us know here, and mark the thread Unresolved.

    Best,
    Alba

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Secure directory’ is closed to new replies.