Topic: users.table.xml viewable from outside?

Dont think its normal to have users.table.xml viewable from the outside world but then again I dont know much.

http://www.mysite.com/storage/database/users.table.xml

Possible to block so that none of the xml tables are viewable?

I am using nginx on Debian.

Re: users.table.xml viewable from outside?

Anyone?

Don't understand why the xml files are vieawable. If I enter /storage/database in url I get 403.
However if I add xml file in url /storage/database/options.table.xml I can see the content.

Is this normal?

The file has 644 permission.

Anyone please  since the site is live.

Re: users.table.xml viewable from outside?

Ok managed to block access to all .xml files by adding rule to nginx.

location ~* \.xml$ {
deny all;
return 403;
}

  • Awilum
  • Awilum
  • Monstra Founder & Lead Developer
  • Offline
  • From: Russian Federation
  • Posts: 523
  • Reputation : [ 24 | 0 ]

Re: users.table.xml viewable from outside?

astralorbital, thanks, will add to monstra .htaccess

Monstra Loves You! Give some love back!

Awilum's Website