I'm translating that to mean the following, let me know if this is correct:
Quote:
Thank you for bringing this up. While we don't feel that it poses a significant security risk
and we would have preferred to be contacted directly before you made a public post,
this is something we are diligently looking into. At first blush, it appears that although
the information isn't particularly sensitive, it probably would make sense to drop a
.htaccess in that directory with "deny from all" so that those files can't be accessed
via a web browser. If you see anything else that you think should be addressed, please
give me a call at the number on the site so that we can evaluate and if needed address
the issue before it is publicized in order to keep our clients secure. Thanks again.
|
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids
|