Possible data breach?

  • Resolved martje65

    (@martje65)


    3 weeks, 2 days ago

    By using a standard folder like const WPMU_LOG_PATH = ABSPATH. ‘../logs/wpmu/’; i think you will create a data breach.
    Why not use a random folder name for every installation in the upload directory?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author berkux

    (@berkux)

    3 weeks, 2 days ago

    hi, thanks for checking that. The Idea is to put the logfiles out of public reach. In the Uploaddir the logfiles might be public. The dir below abspath should be out of reach. A random dir in the uploaddir might be Another way, but only Security by obscurity.
    Bernhard

    Thread Starter martje65

    (@martje65)

    2 weeks, 3 days ago

    Thanks for the update @berkux

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.