Websites managed by me has been hacked
What security issues may be possible???
Hi @Pradeep_Tiwari,
Is your file storage area (files_dir) web-accessible? That’s a dangerous configuration, as noted in the installation form and README documentation, and it’s the most common cause of break-ins.
The files area should be either kept outside the web root, or protected from direct access using e.g. a .htaccess document.
Regards,
Alec Smecher
Public Knowledge Project Team
1 Like