Support

Hi,

I have a question about the .htaccess maker.

In your documentation you wrote that if you put a directory in the field [Allow direct access, including .php files, to these directories] you are opening a security hole on your site!

But is this hole already there when you use the standard Joomla .htaccess file provided during the installation? Or do I make it more unsecure to use .htaccess maker and fill in this URL which I want to use the exception for.

In my case:
templates/yoo_digit
cache/com_zoo/
cache/template/
cache/widgetkit/

Hope to hear from you.

Kind regards,
Lumiga

Lumiga,

The object is to minimize these security holes. Some of them are necessary to run your site properly. I recognize the ones on your site, they are needed. You are correct, some are already open just to run Joomla!. You can try to minimize the number of openings, but you can never close off everything.

Hi Dale,

So if I understand it correctly, these holes I make are not worse than already present with the standard Joomla .htaccess file. So it is always better to use the .htaccess maker?

Thanks!

Yes, .htaccess Maker has protections that the standard Joomla! .htaccess file does not have. So your site is more secure with the .htaccess Maker file. In your case, you need to open just a little hole to allow your template to work properly.

The Yoo guys have been told that they should not be using the cache folders like they do, they refuse to acknowledge the problem or to fix it.