pyrech / do-not-expose-your-symfony
Change some default Symfony configuration to not leak you are using it
Installs: 4
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: ^7.0
- symfony/framework-bundle: ^3.3 || ^4.0
Requires (Dev)
- ext-iconv: *
- friendsofphp/php-cs-fixer: ^2.9
- symfony/console: ^3.3 || ^4.0
- symfony/form: ^3.3 || ^4.0
- symfony/phpunit-bridge: ^3.3 || ^4.0
- symfony/security-bundle: ^3.3 || ^4.0
- symfony/yaml: ^3.3 || ^4.0
This package is auto-updated.
Last update: 2024-10-14 04:09:21 UTC
README
This project main's goal is to help you not exposing your project uses Symfony by changing some default configuration.
Why?
Symfony already do not leak a lot of information about itself. However we can still find clues to detect whether your project uses Symfony. Potential hacker could use these information to find security breaches that could be exploited.
See this french article for a not exhaustive list of things that can be detected and that this bundle aims to change.
Installation
- Use Composer to install
DoNotExposeYourSymfony
in your project:
composer require "pyrech/do-not-expose-your-symfony"
- If you do not use Symfony Flex, you will also need to manually register the bundle inside the kernel:
/** * {@inheritdoc} */ public function registerBundles() { $bundles = [ // ... new Pyrech\DoNotExposeYourSymfony\PyrechDoNotExposeYourSymfonyBundle(), ]; // ... return $bundles; }
Further documentation
You can see the current and past versions using one of the following:
- the
git tag
command - the releases page on Github
- the file listing the changes between versions
And some meta documentation:
Credits
- All contributors;
- Inspired from this (french) article
License
This project is licensed under the MIT License - see the LICENSE file for details.