Difference between revisions of "Vendor directory security check"

Latest revision as of 11:16, 16 May 2019

The vendor directory should not be present on public sites.

The directory vendor inside the Moodle dirroot contains various third-party libraries and their dependencies, typically installed by the PHP Composer. It may be needed for local development, such as for installing the PHPUnit framework. But it can also contain potentially dangerous code exposing your site to remote attacks.

It is strongly recommended to remove the directory if the site is available via a public URL, or at least prohibit web access to it.

es:report/security/report security check vendordir

Revision as of 10:53, 16 May 2019 (view source) Docsadmin (talk \| contribs) (Created page with "{{Security overview report}} '''The vendor directory should not be present on public sites.''' The directory <tt>vendor</tt> inside the Moodle dirroot contains various third...")	Latest revision as of 11:16, 16 May 2019 (view source) Docsadmin (talk \| contribs) (Removed redirect to Vendor directory security check) (Tag: Removed redirect)
(One intermediate revision by the same user not shown)
(No difference)

Anonymous

Search

Difference between revisions of "Vendor directory security check"

Namespaces

More

Page actions

Latest revision as of 11:16, 16 May 2019

Navigation

Navigation

Wiki tools

Wiki tools

Anonymous

Search

Difference between revisions of "Vendor directory security check"

Latest revision as of 11:16, 16 May 2019

Navigation

Wiki tools

Page tools