Magento Config Disclosure

By Febna V M
Published on 20 Dec 2021
Vulnerability

Description

Magento's configuration is saved in the file local.xml, located in the webroot under app/etc/local.xml. Because it is an XML file rather than a script, the web server does not execute it; a request for it is answered as a static file, exposing its contents directly to the client. Magento guards against this by shipping an .htaccess file that restricts access to that directory. That protection is not sufficient on its own: .htaccess files are specific to the Apache web server and are not honoured by other servers such as nginx. Any deployment on a web server other than Apache therefore defaults to a configuration in which anyone can download local.xml over the Internet.

Mitigation measures

Deny access to app/etc/local.xml (or /store/app/etc/local.xml, if Magento is installed under /store/) in your web server's own configuration rather than relying on .htaccess.
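As an added example (not from the original page and not part of Magento's own distribution), an nginx server block that applies this mitigation for both paths named above. The hostname, webroot and PHP-FPM socket are assumed values.

```nginx
# Added example, not from the page or Magento. nginx ignores the .htaccess
# that Magento ships, so the access rule has to live in the server config.
server {
    listen 80;
    server_name shop.example.com;      # assumed hostname
    root /var/www/magento;             # assumed webroot
    index index.php;

    # Refuse every request into app/etc/ (this covers app/etc/local.xml),
    # both for a Magento at the webroot and for one installed under /store/.
    # A 404 is returned in the rewrite phase, before any file is served,
    # and does not confirm to the client that the file exists.
    location ~* ^/(store/)?app/etc/ {
        return 404;
    }

    # Normal front-controller routing for the store.
    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # PHP handler; local.xml never reaches this block because it is not .php.
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/run/php/php-fpm.sock;   # assumed PHP-FPM socket
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

After reloading nginx, a request such as `curl -sI http://shop.example.com/app/etc/local.xml` should return 404 rather than the file's contents.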


Written by
Febna V M
Cyber Security Engineer