Only show the error โ€œPublic files directory Not fully protectedโ€ for Apache servers

Created on 4 March 2020, over 4 years ago
Updated 13 April 2024, 2 months ago

Problem/Motivation

For nginx and other non-Apache servers, the Status Report incorrectly issues a warning that the public files directory and temporary files directories are not protected:

Public files directory  Not fully protected
See http://drupal.org/SA-CORE-2013-003 for information about the recommended .htaccess file which should be added to the sites/default/files directory to help protect against arbitrary code execution.

Temporary files directory   Not fully protected
See http://drupal.org/SA-CORE-2013-003 for information about the recommended .htaccess file which should be added to the tmp directory to help protect against arbitrary code execution.

Since these errors do not apply to nginx (or any other non-Apache server), they should only be shown if the error conditions apply and the server is Apache.

Steps to reproduce

1. Install Drupal on nginx.
2. Go to the Status Report page.
3. Confirm that the error is incorrectly displayed.

Proposed resolution

Disable the error if the server is not Apache.

Remaining tasks

Review
Manual testing - complete see #7.

๐Ÿ› Bug report
Status

Needs work

Version

11.0 ๐Ÿ”ฅ

Component
Systemย  โ†’

Last updated 1 day ago

No maintainer
Created by

๐Ÿ‡ญ๐Ÿ‡ทCroatia Marko B

Live updates comments and jobs are added and updated live.
  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.69.0 2024