View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003763 | Composr | health_check | public | 2019-01-20 17:25 | 2019-06-17 00:27 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Severity | Feature-request | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0003763: Detect insecure scripts or downloads under webroot or base directory | ||||
| Description | Search for any files or directories matching these regexp patterns... #^phpinfo\.php$#i (PHP Info scripts should not be permanently left around, and if it's useful to keep you can do it from inside Composr or on the command line) #^bigdump\.php$#i (bigdump is useful for SQL imports, but should not be left around) #^phpmyadmin$#i (phpMyAdmin can be a huge security risk - although maybe we should scan it to see if it is secured with a login form or not) #back.*\.(tar|gz|zip)$#i (backups that people should not be able to download) #\.(sql)$#i ("") | ||||
| Tags | Type: Security | ||||
| Time estimation (hours) | 1 | ||||
| Sponsorship open | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2019-01-20 17:25 | Chris Graham | New Issue | |
| 2019-01-20 17:25 | Chris Graham | Tag Attached: Type: Security | |
| 2019-01-20 17:43 | Chris Graham | Note Added: 0005904 | |
| 2019-06-17 00:27 | Chris Graham | Assigned To | => Chris Graham |
| 2019-06-17 00:27 | Chris Graham | Status | non-assigned => resolved |
| 2019-06-17 00:27 | Chris Graham | Resolution | open => fixed |
