-
Notifications
You must be signed in to change notification settings - Fork 40
Security
clarkewing edited this page Nov 7, 2016
·
2 revisions
Published folders should not be accessible via regular web access. Using Kloudspeaker does not require web access to published folders as it has direct filesystem access.
But since Kloudspeaker cannot prevent the web server from serving those files, there are two options how to prevent it:
-
Place all published folders outside www root. With this option, there is no way users can access the files with browser via Apache. Only PHP has to have read and write access to the folders.
-
Prevent access with web server access rules, for example htaccess rule "deny from all" in Apache.
In all cases, published folders should not be located under Kloudspeaker folders (not client or backend).
- Home
- Installation
- Migration from Mollify
- Configuration
- Client configuration options
- Backend configuration options
- Languages
- Uploader
- Troubleshooting
- Plugins
- Quota
- History
- File viewer editor
- Registration
- Comments
- Share
- Archiver
- Item details
- Notificator
- Event logging
- Lost password
- Item collection
- Trash bin
- WebDAV
- Permissions
- Security
- External interface
- Command line interface
- Customizations
- Resources
- Client resource map
- Development
- Client modules
- Plugin
- Creating UI
- Client API
- Development environment
- Change log