[support] .htaccess in /tmp for Drupal 7?
Howard Barr
howardjapan at gmail.com
Fri Dec 6 03:03:31 UTC 2013
Hi Marco,
I put a htaccess file with 'Deny from all' added to the last line, into
/tmp as explained (Drupal 6)
It was an empty directory. Then I ran the Status report. I see the
Temporary files directory----not fully protected.
So I'm wondering if I've placed 'Deny from all' on the wrong line in the
htaccess file?
Nothing else appears strange.
Howard
On 6 December 2013 06:29, M. Fioretti <mfioretti at nexaima.net> wrote:
> Greetings,
>
> I'm almost finished (fingers crossed) to update a website I manage to
> drupal 7.24
>
> Everything seems OK and I've already updated the .htaccess files in
> sites/*/files/ as explained in
>
> https://drupal.org/SA-CORE-2013-003
>
> The only thing I'm not sure about is where that page says:
>
> Additionally, the .htaccess of the temporary files directory and
> private files directory (if used) should include this command:
>
> Deny from all
>
> my temporary files directory as shown in
> /admin/config/media/file-system is /tmp (private file system path is
> empty). Should I put an ..htaccess in /tmp too???
>
> I believe not, but I'd rather have confirmation.
>
> Thanks!
> Marco
>
>
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20131206/344954cf/attachment.html
More information about the support
mailing list