Add httpd configuration for basic security (!3) · Merge requests · wordpress / wordpress-image · GitLab

Snippets Groups Projects

Closed Alexandre Lossent requested to merge alossent/wordpress-image:wordpress-basic-security into master 2 years ago

Following security team report:

From the CERN WhiteHat challenge, it was found that the URL https://some_wordpress_site.web.cern.ch/.wp-config.php.swp discloses secret key and database information. Also, the URL https://some_wordpress_site.web.cern.ch/wp-includes/ has directory listings enabled, making it possible to explore web server contents.

Activity

Alexandre Lossent added 1 commit 2 years ago
added 1 commit

9c4233a7 - Add httpd configuration for basic security

Compare with previous version
A

Alexandre Lossent @alossent 2 years ago

Author Maintainer

Change included in !4 (merged), closing
Alexandre Lossent closed 2 years ago

closed

Please register or sign in to reply