Hi friends, are you a back-end developer?
Take a look at this.
It's a serious note for you. I can show you live hacking of websites/admin panels.
** Disclaimer: The information shared here is completely confidential. Do not misuse it; otherwise you alone are responsible for whatever action the authorities take.
Here we go:
1) Go to Google
2) Search for DB_USERNAME filetype:env
Now you will get a list of .env files from sites where the file is public. You can read these files completely, which causes l
How do you prevent this?
What is the solution?
Here we go:
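Block web access to the file in your web server configuration.
For Apache (in your .htaccess file)
<FilesMatch "^\.env">
    # Apache 2.2 syntax; on Apache 2.4 without mod_access_compat, use "Require all denied" instead of the two lines below
    Order allow,deny
    Deny from all
</FilesMatch>
For nginx (in the server block; nginx does not read .htaccess)
# Deny every dotfile path except /.well-known
location ~ /\.(?!well-known).* {
    deny all;
}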
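You can check the result by requesting $PROJECTURL/$PATH_FOR_ENV; the server should now refuse the request (403 Forbidden) instead of returning the file.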
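The check from the last step, as an added example (not code from the original post): it requests the .env path on your own site and reports whether the response is blocked or still looks like a dotenv file. The function names, the default /.env path and the sample bodies are assumptions made for illustration.

```python
import re
import sys
import urllib.error
import urllib.request

# A dotenv-style assignment at the start of a line, e.g. DB_USERNAME=app
ENV_LINE = re.compile(r"^[ \t]*(?:export[ \t]+)?[A-Za-z_][A-Za-z0-9_]*[ \t]*=", re.M)

# Constructed sample bodies (not real data), used to exercise classify()
SAMPLE_ENV = "APP_ENV=production\n# database\nDB_USERNAME=app\nDB_PASSWORD=example-not-real\n"
SAMPLE_HTML = "<html>\n<body>Not found</body>\n</html>\n"


def classify(status, body):
    """Return 'blocked', 'exposed' or 'review' for one HTTP response."""
    if status in (401, 403, 404, 410):
        return "blocked"
    # Ignore blank lines and comments, then see how much of the body is KEY=VALUE
    lines = [l for l in body.splitlines() if l.strip() and not l.lstrip().startswith("#")]
    hits = len(ENV_LINE.findall(body))
    if status == 200 and lines and hits / len(lines) >= 0.5:
        return "exposed"
    return "review"  # e.g. 200 with an HTML error page, or a 5xx


def check(base_url, path="/.env", timeout=5):
    """Request base_url + path on your own site and classify the answer."""
    if not base_url.startswith(("http://", "https://")):
        raise ValueError("base_url must start with http:// or https://")
    url = base_url.rstrip("/") + path
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            status = resp.status
            body = resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        status, body = err.code, ""  # 4xx/5xx arrive as exceptions
    return url, status, classify(status, body)


if __name__ == "__main__":
    # Usage: python check_env.py https://your-site.example
    url, status, verdict = check(sys.argv[1])
    print(f"{url} -> HTTP {status}: {verdict}")
    sys.exit(1 if verdict == "exposed" else 0)
```

A "review" verdict means the server answered without an error status but the body is not recognisably a dotenv file, so look at the response by hand.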
Also, you can check out apps for developers. – Helping Hands
Very Useful
Really helpful information, thanks for sharing.
This article really helped me to improve my site security, thanks for sharing.
This article helped me a lot. Thanks.