GetSimple Support Forum

Full Version: vulnerability ?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Has anyone addressed this vuln posted to youtube March 26 2021 ? 
https://www.youtube.com/watch?v=OCQxBtoic2w
shrug, don't leave your data files unprotected.. I mean, not sure how else to categorize this.
Kind of the users job to make sure their site data folders is secure.
in your .htaccess file:

Code:
RewriteEngine on
RewriteRule ^yourfile.xml$ 404.html

where your 404.html could be either a page not found
or any garbage page, which will display as invalid url.

or use this:

Code:
<FilesMatch ".(xml)$">
  order allow,deny
  deny from all
</FilesMatch>

== tagged - password protect xml ==
Don't we already have both of these?