- DC Blog RSS Feed
- [Updated] Free Mobile-Friendly Layout Wizard
- [Fixed] Feedback Form Wizard
- GitHub patch release previous version
- 15 years of blogging 500 posts later
- How to disable Laravel console commands
- Vue show and hide form elements
- Extracting a time into select menus with PHP
- Running HTTP requests in PhpStorm
- VIM shortcuts
آخرین مطالب
امکانات وب
First I noticed that if I go to http://example.org/wp-config.php, it gives me an empty page instead of 404 error. I tested it with another file - wp-config-example.php, and it gave me a page with the following text: "Error establishing a database connection". So it definitely just executed that php script. If I go to http://example.org/wp-content/themes/TheFox/screenshot.png, apache2 serves me that file.
This seems very dangerous to me. I didnt know about it for some time and kept a .sql backup of the whole wordpress database in the wordpress directory - anyone could've downloaded it.
I've just configured apache2 with <Directory /path/to/wordpress/dir/, and it worked, so I thought everything's done right, but now I am in doubt.
- - , .
Recent Questions...ما را در سایت Recent Questions دنبال می کنید
برچسب : نویسنده : استخدام کار superuser بازدید : 294