Security considerations for custom configuration

By default application is secured on standard hosting plans that use .htaccess files (like cPanel and DirectAdmin).

This section only refers to custom configuration without support for .htaccess. Like nginx, apache without mod_rewrite.

These configurations would be used mostly on VPS or Dedicated servers, and this page is intended mostly for professionals who operate such environments.

when using custom configuration (without support for htaccess) you must make certain security precautions, that apply to many PHP apps using custom configurations