This forum is in READ-ONLY mode.
You can look around, but if you want to ask a new question, please use Stack Overflow.

Impossible to secure Symfony

Discuss installing Symfony 2 here

Impossible to secure Symfony

by scottybowl » Tue Mar 11, 2014 1:46 am

I've used a number of frameworks in the past such as Expression Engine and they made security of the server environment very simple. For example, on EE you can "lock down" the server making it impossible to find out what platform is running. It seems Symfony just makes everything available - our sysadmin ran a quick security check and a huge amount of data was exposed which would make a hacker weak at the knees.

Am I missing something or does Symfony not care about security?
scottybowl
Junior Member
 
Posts: 1
Joined: Tue Mar 11, 2014 1:41 am

Re: Impossible to secure Symfony

by nymo » Tue Mar 11, 2014 10:32 am

scottybowl wrote:It seems Symfony just makes everything available - our sysadmin ran a quick security check and a huge amount of data was exposed which would make a hacker weak at the knees.

Am I missing something or does Symfony not care about security?


What do you mean makes everything available? Also what data has your admin exposed? Search google for security issues in symfony. I never heard of any big issues which causes much trouble and Symfony is used world wide by a lot of companies and developers. Also you can have the best framework ever but a bad developer can make it insecure :)
nymo
Senior Member
 
Posts: 174
Joined: Fri Jan 07, 2011 11:37 pm
Location: Germany