✔️"; $wfalse = "❌"; $utrue = "❗"; $ufalse = "✔️"; $unull = "➖"; $server = $_SERVER['SERVER_NAME']; $uri = $_SERVER['REQUEST_URI']; // Tests if a URL has a valid SSL certificate function has_ssl( $domain ) { $ssl_check = @fsockopen( 'ssl://' . $domain, 443, $errno, $errstr, 30 ); $res = !! $ssl_check; if ( $ssl_check ) { fclose( $ssl_check ); } return $res; } // Changes probed URL to HTTP if no valid SSL certificate is present, otherwise an error would be thrown if (has_ssl($server)) { $actual_link = "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; } else { $actual_link = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; } function getUrlSatusCode($url, $timeout = 3) { $ch = curl_init(); $opts = array(CURLOPT_RETURNTRANSFER => true, // do not output to browser CURLOPT_URL => $url, CURLOPT_NOBODY => true, // do a HEAD request only CURLOPT_TIMEOUT => $timeout); curl_setopt_array($ch, $opts); curl_exec($ch); $status = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); return $status; } //Files or directories to test if writable $wrt1 = is_writable('.env'); $wrt2 = is_writable('database/database.sqlite'); //Files or directories to test if accessible externally $url1 = getUrlSatusCode($actual_link . '/../../.env'); $url2 = getUrlSatusCode($actual_link . '/../../database/database.sqlite'); ?> @if($url1 == '200' or $url2 == '200')

Your security is at risk. Some files can be accessed by everyone. Immediate action is required!
Click this message to learn more.

@endif

Write access

Here, you can easily verify if important system files can be written to. This is important for every function to work properly. Entries marked with a '✔️' work as expected, entries marked with a '❌' do not.

0) {echo "$wtrue";} else {echo "$wfalse";} ?> 0) {echo "$wtrue";} else {echo "$wfalse";} ?>

File	Hover for more
{{ base_path(".env") }}
{{ base_path("database/database.sqlite") }}

Security

Here, you can easily verify if critical system files can be accessed externally. It is important that these files cannot be accessed, otherwise user data like passwords could get leaked. Entries marked with a '✔️' cannot be accessed externally, entries marked with a '❗' can be accessed by anyone and require immediate action to protect your data.

Link	Hover for more
{{ url('/.env') }}
{{ url('/database/database.sqlite') }}

Dependencies

Required PHP modules.

BCMath PHP Extension	@if(extension_loaded('bcmath'))✔️@else❌@endif
Ctype PHP Extension	@if(extension_loaded('Ctype'))✔️@else❌@endif
cURL PHP Extension	@if(extension_loaded('cURL'))✔️@else❌@endif
DOM PHP Extension	@if(extension_loaded('DOM'))✔️@else❌@endif
Fileinfo PHP Extension	@if(extension_loaded('Fileinfo'))✔️@else❌@endif
JSON PHP Extension	@if(extension_loaded('JSON'))✔️@else❌@endif
Mbstring PHP Extension	@if(extension_loaded('Mbstring'))✔️@else❌@endif
OpenSSL PHP Extension	@if(extension_loaded('OpenSSL'))✔️@else❌@endif
PCRE PHP Extension	@if(extension_loaded('PCRE'))✔️@else❌@endif
PDO PHP Extension	@if(extension_loaded('PDO'))✔️@else❌@endif
Tokenizer PHP Extension	@if(extension_loaded('Tokenizer'))✔️@else❌@endif
XML PHP Extension	@if(extension_loaded('XML'))✔️@else❌@endif
SQLite PHP Extension	@if(extension_loaded('PDO_SQLite'))✔️@else❌@endif
MySQL PHP Extension	@if(extension_loaded('PDO_MySQL'))✔️@else❌@endif

Your security is at risk. Some files can be accessed by everyone. Immediate action is required! Click this message to learn more.

Write access

Security

Dependencies

Your security is at risk. Some files can be accessed by everyone. Immediate action is required!
Click this message to learn more.