WARNING: Skins directory unprotected and open to public. - v1.x Issues & Troubleshooting

View New Content

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

You cannot start a new topic
You cannot reply to this topic

WARNING: Skins directory unprotected and open to public. Rate Topic

CompleteMotorsport.com
Junior Member
Members
Join Date: 23-May 06
8 posts

Posted 30 August 2006 - 04:49 PM #1

http://demo.cs-cart....mer/content.tpl

and any other files in the skins directory are viewable.

kloptops
Junior Member
Members
Join Date: 07-Mar 06
5 posts

Posted 31 August 2006 - 04:22 AM #2

I also found this on my previous host, i added the following to my .htaccess file (one inside the cscart base directory will do).

Options -Indexes

<FilesMatch "(\.(inc(\.php)?|sh|sql|tpl(\.php)?))$">
  Order deny,allow
  Deny from all
</FilesMatch>

this stops people from directly accessing .tpl, .tpl.php, .sql, .inc & .inc.php files. It also stops listing of directorys. I cant remember where i found this snippet, but imho its a must for any e-store.

I hope this helps.

lordmatrix
Senior Member
Members
Join Date: 26-May 06
120 posts

Posted 31 August 2006 - 11:08 AM #3

July 14th, 2006
http://vb.cs-cart.co...hread.php?t=680

Back to v1.x Issues & Troubleshooting

Time Now: Jan 25 2021 01:28 AM

Community Forum Software by IP.Board

WARNING: Skins directory unprotected and open to public. Rate Topic

Skin and Language

Execution Stats