pyrech/do-not-expose-your-symfony

Change some default Symfony configuration to not leak you are using it

dev-master 2017-12-24 00:50 UTC

This package is auto-updated.

Last update: 2024-11-14 04:22:36 UTC


README

Latest Stable Version Total Downloads Build Status

This project main's goal is to help you not exposing your project uses Symfony by changing some default configuration.

Why?

Symfony already do not leak a lot of information about itself. However we can still find clues to detect whether your project uses Symfony. Potential hacker could use these information to find security breaches that could be exploited.

See this french article for a not exhaustive list of things that can be detected and that this bundle aims to change.

Installation

  • Use Composer to install DoNotExposeYourSymfony in your project:
composer require "pyrech/do-not-expose-your-symfony"
  • If you do not use Symfony Flex, you will also need to manually register the bundle inside the kernel:
    /**
     * {@inheritdoc}
     */
    public function registerBundles()
    {
        $bundles = [
            // ...
            new Pyrech\DoNotExposeYourSymfony\PyrechDoNotExposeYourSymfonyBundle(),
        ];
        
        // ...

        return $bundles;
    }

Further documentation

You can see the current and past versions using one of the following:

And some meta documentation:

Credits

License

This project is licensed under the MIT License - see the LICENSE file for details.