Security issue?
Posted: Thu Jul 02, 2020 5:58 am
Hi,
Is there a way to prevent access to the index.php from within the browser?
Noticed today that if I simply put the ip address for where zm runs I in effect get access to .../www/zoneminder/index.php
I.e <ip address>/zm/index.php displays zm web interface
but if I simply put in <ip address>/ as the url I am offered to open or download the .../www/zoneminder/index.php
Made an attempt to modd .../etc/nginx/nginx.conf by adding autoindex off; but that didnt do anything.
Is there a way to prevent access to the index.php from within the browser?
Noticed today that if I simply put the ip address for where zm runs I in effect get access to .../www/zoneminder/index.php
I.e <ip address>/zm/index.php displays zm web interface
but if I simply put in <ip address>/ as the url I am offered to open or download the .../www/zoneminder/index.php
Made an attempt to modd .../etc/nginx/nginx.conf by adding autoindex off; but that didnt do anything.