Unfortunately Smarty makes it possible to read the .tpl files in your templates folder by direct access in your browser. I would recommend adding a .htaccess file to the templates folder with the following content:


<Files ~ "\.(tpl|inc|cfg)$">
order deny,allow
deny from all
</files>


Now you will get a 403 denied error.

Greetings,
gb

thanks :) already in default version

hmmm.... i didn't see it in either of the versions. do mean you will add it?

I mean I added it to my local future version. Next both version will be released with this .htaccess file

i see :wink:

I'm sure lots of our customers will create .htaccess.. I'd highly recommend to do this. Taking in account hacking attack in this month

Done. Thanks Gerwin!