OpenML icon indicating copy to clipboard operation
OpenML copied to clipboard
verified publisher icon openml

Security hardening: disable expose_php, raise max_input_time, remove Indexes

Open lucifer4330k opened this issue 1 month ago • 0 comments

Implements server hardening from #1268:

  • docker/config/php.ini: set expose_php = Off
  • docker/config/php.ini: set max_input_time = 3600 to support large multipart parsing
  • docker/config/api.conf: remove Indexes from <Directory /var/www/openml> Options

Rationale:

  • Reduce information disclosure (hide PHP version)
  • Prevent directory listing
  • Avoid timeouts while reading multi-GB uploads given increased upload limits

This is a low-risk change that improves defaults for production deployments.

Fixes #1268

lucifer4330k avatar Nov 17 '25 09:11 lucifer4330k