Skip to content
Grav 2.0 is officially stable. Read the announcement →
Log in Register
Support

How to hide configuration files

first-time

Started by Diego Cabral 4 years ago · 0 replies · 330 views
4 years ago

Hello!

I have inherited a Grav project.
Many files under the /user/config folder (security.yaml, for example) and the /user/accounts.yaml folder are public. That is, any user that knows the right path can access these files on our production server.

Is this expected behaviour? Or did the previous admin make a mistake during configuration?
If this isn't expected, how can I make these pages "private"? I don't think they should be exposed publicly.

Suggested topics

Topic Participants Replies Views Activity
Updating to newer Grav versions
Support · by Water Science, 3 weeks ago
11 170 7 hours ago
unable to get waypoints to trigger
Support · by Duc , 23 hours ago
1 44 23 hours ago
Multisite in subdirectory
Support · by Thomas, 1 week ago
3 116 1 day ago
How to listen for GET requests instead of POST requests?
Support · by Anna, 4 days ago
2 109 2 days ago
Twig not processing in 2.0.0
Support · by Justin Young, 2 days ago
1 89 2 days ago