Project

General

Profile

Bug #5890

File 'config.qfq.ini' by default public - protect against access

Added by Carsten Rose over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
Start date:
01.05.2018
Due date:
% Done:

0%

Estimated time:
Discuss:

Description

  • config.qfq.ini kann aktuell, bei direkter Eingabe des Pfades, im Webbrowser angezeigt werden!!!
  • Optionen das zu verhindern:
    • File umbennennen mit 'php' am Ende.
    • In ein geschuetztes Verzeichnis verschieben
  • #5175 config.qfq.ini via ExtManager
  • #5884 sql.log by default public - protect against access

Related issues

Related to QFQ - Feature #5175: config.qfq.ini via ExtManagerClosed2018-01-06

Related to QFQ - Bug #5884: sql.log by default public - protect against accessClosed2018-04-30

Associated revisions

Revision 12fe62b5 (diff)
Added by Carsten Rose over 2 years ago

Bug #5890 config.qfq.ini is public readable. Renamed file to config.qfq.php. Implement a basic migration assistant to copy DB credentials to new config.qfq.php. All other values have to be copied to extmanager/qfq-configuration manually.

Revision 01d11e6c (diff)
Added by Carsten Rose over 2 years ago

Bug #5890 config.qfq.ini: migrate LDAP credentials too. Extend T3 internal qfq config with 30 'custom'-vars. This replaces the old custom vars in config.qfq.ini

History

#1 Updated by Carsten Rose over 2 years ago

#2 Updated by Carsten Rose over 2 years ago

  • Related to Bug #5884: sql.log by default public - protect against access added

#3 Updated by Carsten Rose over 2 years ago

  • Status changed from New to Closed
  • Target version changed from next to 18.6.0

File wurde umbenannt zu config.qfq.php

Also available in: Atom PDF