SPIP’s default security
There are two "sensitive" folders in SPIP: the CACHE and ecrire/data folders. The first contains all of the files that your cache uses to accelerate the display of web pages, and is therefore moderately sensitive. The second records the activity logs for SPIP (the spip.log files) and additionally allows you to create dump.xml backup files for the database.
Now the dump.xml files contain very sensitive data: in particular, you can see all of the articles, even those not made visible on the public site, as well as all of the identifiers and passwords [1] of the editors and administrators of the site.
The security of all of these files is traditionally ensured using access configuration files named .htaccess. SPIP automatically generates these files to prevent access to the sensitive data stored on the server: you can check that both the CACHE and ecrire/data folders each contain one of these .htaccess files.
Unfortunately, these files work under Apache (the web server used to make the vast majority of the Internet’s web sites work) but not under IIS (Internet Information Services, the web server from Microsoft).
Protecting your data under IIS: one additional step
If your site has been installed on IIS, absolutely anyone can then view the folders that are supposed to be secured by .htaccess files, so you need to protect them in another way.
To protect a folder on your site: open the administration panel for your web server, right click on the directory in question, click on "properties", and uncheck the check box labelled "Read" found on the "Directory" tab.
Perform this same operation for both the CACHE and ecrire/data folders. If you have done it right, you should then no longer be able to access the files in these folders through the web server. You can test your configuration by trying to display http://www.yoursite.com/ecrire/data/spip.log from your normal browser. You should receive a message of some kind that indicates "Access refused".
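The browser test described above can be scripted so that it also covers dump.xml and can be rerun after every change to the server configuration. This is an added example, not part of SPIP: the function names, the script name check_spip.py and the verdict labels are assumptions made for illustration.

```python
import sys
import urllib.error
import urllib.request

# Files the page names inside ecrire/data. CACHE file names differ per site,
# so pass one of your own through extra_paths to cover that folder as well.
SENSITIVE_PATHS = ["ecrire/data/spip.log", "ecrire/data/dump.xml"]


def http_status(url, timeout=10):
    """GET url and return the HTTP status code of the final response."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # urllib raises on 4xx/5xx; the code is what we want


def classify(status):
    """Map a status code to a verdict for a file that must not be served."""
    if 200 <= status < 300:
        return "EXPOSED"      # the server handed the file over
    if status in (401, 403):
        return "protected"    # the "Access refused" outcome the page expects
    if status == 404:
        return "absent"       # no such file: says nothing about the folder
    return "unclear"          # anything else needs a manual look


def check_site(base_url, extra_paths=(), fetch=http_status):
    """Return {path: verdict} for each sensitive path under base_url."""
    root = base_url.rstrip("/") + "/"
    paths = SENSITIVE_PATHS + list(extra_paths)
    return {p: classify(fetch(root + p.lstrip("/"))) for p in paths}


def exposed(results):
    """List the paths that were served to an anonymous client."""
    return [p for p, verdict in results.items() if verdict == "EXPOSED"]


if __name__ == "__main__":
    # Usage: python check_spip.py http://www.yoursite.com [CACHE/some-file]
    results = check_site(sys.argv[1], sys.argv[2:])
    for path, verdict in results.items():
        print(f"{verdict:10} {path}")
    sys.exit(1 if exposed(results) else 0)
```

An "absent" verdict only means the file does not exist yet; repeat the check once a spip.log or dump.xml has actually been written to the folder.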