How to prevent directory access by a third party component?

by NivF007   Last Updated February 13, 2018 04:10 AM

In the Akeeba Backup docs, in the section "Securing the backup output directory" the following security recommendation is provided

Using a well known location would allow an attacker exploiting a security issue in a third party component to gain access to the backup archives. The only way around that is using a different directory, ideally one above your site's root. [emphasis added]

It seems to me that if one component can gain access to a directory (even one above the root), then any component can gain access to the same directory.

My question, therefore, is: Is it possible to secure a directory so that only a specific component (i.e. Akeeba Backup) can gain access to it? If yes, how would that be done?

Tags : security


Related Questions



Joolma site Hacking suspected

Updated April 25, 2015 21:04 PM



What to do if my Joomla website got hacked?

Updated July 01, 2016 08:04 AM