Permissions on /var and /var/log

Question

I set all the permissions and recommended by the documentation.

However, anyone can still see the log files from the browser since the var/log folder has read permission.

How is that handled ? by .htaccess? I have that file in place Maybe is not being recognized by the server ?

How can I fix this?

Thanks

https://github.com/magento/magento2/blob/develop/var/.htaccess this file? you probably have something wrong in your config, what is your php handler? apache module or php-fpm? — MagenX, Apr 05 '17 at 07:32

score -2 · Answer 1 · answered Apr 04 '17 at 18:03

-2

restrict just the log folder access to the group www-date

answered Apr 04 '17 at 18:03

Fodakty

which user is writing your logs ? – Fodakty Apr 04 '17 at 18:04
1

this doesnt answer the question on "how is this handled?". The solution you are offering is just a patch and its not documented anywhere. – Daniel Benedykt Apr 04 '17 at 18:38
this is very bad answer. if you mean www-data then its already has read access to that folder, and it will not block anything from opening it... – MagenX Apr 05 '17 at 07:36

1 Answers1