drupal-with-nginx icon indicating copy to clipboard operation
drupal-with-nginx copied to clipboard

Published 20 hours ago verified publisher icon perusio

Update drupal.conf (yml, md)

Open mbomb007 opened this issue 5 years ago • 0 comments
trafficstars

Drupal.conf should be updated to block access to Markdown (.md) and YAML (.yml) files by default. With many modules transitioning to README.md etc instead of README.txt, this change is important for security. Tools like Droopescan can automatically search a site for exposed files to discover which modules are enabled.

mbomb007 avatar Nov 03 '20 16:11 mbomb007