[Vtigercrm-commits] [vtiger development] #7469: protect some directories from external access
vtiger development
vtiger-tickets at trac.vtiger.com
Thu Jul 12 07:43:05 PDT 2012
#7469: protect some directories from external access
-------------------------+--------------------------------------------------
Reporter: joebordes | Owner: developer
Type: enhancement | Status: new
Priority: unassigned | Milestone: Unassigned
Component: vtigercrm | Version: 5.4.0
Severity: Medium | Keywords:
-------------------------+--------------------------------------------------
To make our installs more secure, besides configuring apache correctly, we
have added a deny from all .htaccess file in some directories: backup and
logs, these are no problem and I would recommend vtiger CRM come
distributed with these directories protected by default.
But our real goal was to protect in this way the storage directory. We
found that we couldn't do this because of the contact and product images
use direct access to the files.
I would like to propose converting the image links on Contacts and
Products to php script, that way we could protect better the files easily
and by default.
Note: We haven't tried Mail Converter, and I also see some use of this
directory as a cache for PDF generation, I would suggest cache files be
kept in the cache directory we already have.
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/7469>
vtiger development <http://trac.vtiger.com/>
vtiger CRM
More information about the vtigercrm-commits
mailing list