Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move public environment outside private directories #19801

Closed
tassoman opened this issue Sep 30, 2022 · 2 comments
Closed

Move public environment outside private directories #19801

tassoman opened this issue Sep 30, 2022 · 2 comments
Labels
duplicate For issues that already existed in our issue tracker and were reported previously.

Comments

@tassoman
Copy link
Contributor

tassoman commented Sep 30, 2022
edited

The security check feature called Required (and Recomended) private directories" is now generating about 15 open issues on github if we exlude closed issues.

For example, I've put this effective directive inside apache, but looks like not enough for the feature.

<LocationMatch "^/matomo/(config|core|tmp|lang|.git)">
    Require all denied
</LocationMatch>

In my opinion private directories shouldn't served by apache. So, for a next software's refactoring (v.5.x), I suggest to distribute public files and assets directories inside their own /public directory.

Suggesting to bypass the security checks, is a needed fast shortcut, but unreliable long term solution.

Target Environment

  • Matomo Version: 5.x
@tassoman tassoman added the Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. label Sep 30, 2022
@Findus23
Copy link
Member

I think that's the same discussion as #19505
And I still agree that this is (at least as an optional installation method) a huge benefit for Matomo.

@tassoman
Copy link
Contributor Author

tassoman commented Oct 5, 2022

We're on the same frequency, I close as duplicated

@tassoman tassoman closed this as completed Oct 5, 2022
@Findus23 Findus23 added duplicate For issues that already existed in our issue tracker and were reported previously. and removed Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. labels Oct 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate For issues that already existed in our issue tracker and were reported previously.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tassoman @Findus23