Support

Akeeba Backup for Joomla!

#30958 – htaccess files?

Posted in ‘Akeeba Backup for Joomla!’
This is a public ticket. Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.
Monday, 18 February 2019 05:34 CST
Hi! We noticed a lot of extra .htaccess files in the Abeeka component folder on some of our sites. Have you added these to a recent version?

Kind regards,
Jip
++++++++++++++++++++++++

/plugins/system/backuponupdate/.htaccess
/plugins/system/akeebaupdatecheck/.htaccess
/plugins/quickicon/akeebabackup/.htaccess
/plugins/system/akeebaactionlog/.htaccess
/administrator/components/com_akeeba/View/.htaccess
/administrator/components/com_akeeba/Toolbar/.htaccess
/administrator/components/com_akeeba/Model/.htaccess
/administrator/components/com_akeeba/Master/.htaccess
/administrator/components/com_akeeba/Master/Installers/.htaccess
/administrator/components/com_akeeba/views/.htaccess
/administrator/components/com_akeeba/sql/.htaccess
/administrator/components/com_akeeba/Helper/.htaccess
/administrator/components/com_akeeba/Dispatcher/.htaccess
/administrator/components/com_akeeba/Controller/.htaccess
/administrator/components/com_akeeba/BackupPlatform/.htaccess
/administrator/components/com_akeeba/fields/.htaccess
/administrator/components/com_akeeba/BackupEngine/.htaccess
/administrator/components/com_akeeba/AliceEngine/.htaccess
/components/com_akeeba/Model/.htaccess
/components/com_akeeba/Dispatcher/.htaccess
/components/com_akeeba/Controller/.htaccess
/administrator/components/com_akeeba/backup/.htaccess
Custom Fields
Joomla! version (in x.y.z format) 3.9.3
PHP version (in x.y.z format) 7.2.14
Akeeba Backup version (x.y.z format) 6.4.0
 
jjst135
Monday, 18 February 2019 07:55 CST
Hello,

yes, we added those files to prevent direct access to some folders.
Don't worry, even without those .htaccess files your site is not vulnerable, it can only leak out some generic info. We did that to prevent annoying reports from "security researches" that think if something is directly accessible is automatically a huge risk (when it's not).
It's just a best practice to block access to those folders (even if they do not containing anything remotely sensitive), so we added those new files.


Davide Tampellini

Developer and Support Staff



Italian: native

English: good



Please keep in mind my timezone and cultural differences when reading my replies. Thank you!



tampe125
Wednesday, 20 March 2019 18:17 CDT
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
system
This ticket is closed, therefore read-only. You can no longer reply to it. If you need to provide more information, please open a new ticket and mention this ticket's number.

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!

Cookies Notification - Action required

This website uses cookies to provide user authentication and improve your user experience. Please indicate whether you consent to our site placing these cookies on your device. You can change your preference later, from the controls which will be made available to you at the bottom of every page of our site.