Learn More
Resend Email
41
dev-nope
6y

I'll just leave this here:

https://google.com/search/...

rant

lol

security

fail

laravel

2018
Favorite
Ranter
Comments
  • 2
    6y
    http://makaluair.com/.env
    www.vipx.com.br
  • 2
    6y
    Nice 😯
    All the laravel devs around here better get busy
  • 1
    6y
    Whoops!
  • 1
    6y
    Not the first time I see this, and god damn so much local env o.O
  • 3
    6y
    Security by convention > security by configuration.

    or, to rephrase: Insecure by default is FUCKING STUPID.
  • 0
    6y
    One word: shit
  • 3
    6y
    I think it's not the framework's fault. Almost the first thing what the docs says is that .env files shouldn't be reside in a publicly accessible folder. If someone didn't see that, at least must have enough brainpower to realise if I put the .env file in the public folder it will be available PUBLICLY.
  • 0
    6y
    @xewl maybe try yer luck with trying to connect through the domain/IP 😉😏
  • 0
    6y
    @Teosz it really should be done by default, if there's no reason for it to be in a public folder (please tell me I'm wrong about that), and it's recommended to take it out of a public folder, why is it by default on a public folder?
  • 2
    6y
    @chabad360
    It is not. What we are seeing here i think is a bunch of misconfigured webservers using the root folder instead of the public folder as document root.
    By default it doesn't even has a .env file just a .env.example in the root folder.

    It is showing interesting results as hell through!
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment