Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/config/global.ini.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/global.ini.php')
-rw-r--r--config/global.ini.php5
1 files changed, 5 insertions, 0 deletions
diff --git a/config/global.ini.php b/config/global.ini.php
index af3eb6f7b8..d12f73c1c0 100644
--- a/config/global.ini.php
+++ b/config/global.ini.php
@@ -539,6 +539,11 @@ enable_load_data_infile = 1
; - links to Uninstall themes will be disabled (but user can still enable/disable themes)
enable_plugins_admin = 1
+; By setting this option to 1, it will be possible for Super Users to upload Piwik plugin ZIP archives directly in Piwik Administration.
+; Enabling this opens a remote code execution vulnerability where
+; an attacker who gained Super User access could execute custom PHP code in a Piwik plugin.
+enable_plugin_upload = 0
+
; By setting this option to 0, you can prevent Super User from editing the Geolocation settings.
enable_geolocation_admin = 1
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-28 02:05:52 +0300