Securing Cache Directories

Notice

Official container images restrict /cache access by default. This page applies only to legacy host installations.

While nothing critical is stored in cache directories by tt-rss nor do files have easily guessable names, you may consider forbidding external access over HTTP to these directories anyway. This is not required, however.

You may also consider restricting access to config.php, just in case.

Using nginx

location/tt-rss/cache{denyall;}location=/tt-rss/config.php{denyall;}

Note: official docker setup has this out of the box.

Using apache (2.4 syntax)

<Directory/var/www/html/tt-rss/cache>Requirealldenied </Directory><Directory/var/www/html/tt-rss><Files"config.php">Requirealldenied </Files></Directory>