top | item 45717865 (no title) cesnja | 4 months ago You can still get hit by a path traversal exploit. The safest option is to only have the public files on the server. discuss order hn newest jonhohle|4 months ago A path traversal is different from putting private files in a public directory. For a simple static site there will always be certs, /etc, and other things outside of the document root that shouldn’t be served.
jonhohle|4 months ago A path traversal is different from putting private files in a public directory. For a simple static site there will always be certs, /etc, and other things outside of the document root that shouldn’t be served.
jonhohle|4 months ago