Fix the Glype Bug to Hide Log Files Properly

Posted by Vectro 10 August 2011

This applies to anyone who has enabled logging in Glype. There is a bug which might allow hackers to retrieve the log files of the sites your users visit. Your user’s personal information could be compromised if this is not fixed. There is already some protection against this, but it is not enough. There is one more thing that needs to be done to prevent direct access to the log files.

Add this line to the bottom of the .htaccess file in the Glype tmp directory.


deny from all

This will not only hide your logs better, but also conceals stored cookies, if cookies are enabled in your configuration.

Source: Protecting Glype Log files from unauthorised access | Glype themes

Sorry, comments are closed.

Previous Post
«
Next Post
»