could some one help to explain what does it mean, and where should i put the command into which file ?
Block access to the data directory by changing your web server configuration.
For example, if your data directory is /var/www/data and your web server is Apache, adding this to your Apache configuration should work:
i just install and start to think how to do this in my directory
is it add below command into .htaccess ? my directory name is "abc"
<Directory /var/www/abc/> AllowOverride None order deny,allow deny from all </Directory>
big thanks
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Planet Zuda@planetzuda
Planet Zuda - 0 likes
- Matt Beckett@Beck24
Matt Beckett - 0 likes
- val99@valencia
val99 - 0 likes
You must log in to post replies.set permissions to 750. It is a lot easier than you may think. If you are using cPanel you can right click on the data folder and edit permissions. Turn off read, write, and execute for world. turn off write for group. That is just one way you can do the settings. You should do more research to find out what settings are right for you. If you are using linux and love bash commands you should use chown for this.
or ideally move the data folder outside of the web-accessible directory
thanks a lot. it helps.