Changes

Jump to navigation Jump to search

Security information

5 bytes added, 4 months ago
m
* Production option to disable any technical information leakage like debug, error stacktrace, version informations (See [[Configuration_file|configuration file]]) <sup>[*6]</sup>.
* Protection against SQL injection <sup>[*2]</sup>.
* Protection against XSS injection (Cross Site Scripting) <sup>[*1]</sup>. * Protection against CSRF (Cross Site Request Forgery) <sup>[*5]</sup>.Note that it is better also recommanded to also protect your web server by disabled Apache option
<source lang="ini">
AcceptPathInfo Off
</source>
* Protection against CSRF (Cross Site Request Forgery) <sup>[*5]</sup>.
'''Pages and files access'''

Navigation menu