Hi,

My sugarcrm.log file is viewable if you type in http://www......com/sugarcrm/sugarcrm.log from browser.

I have put this in the .htaccess sugar file.

# BEGIN SUGARCRM RESTRICTIONS
RedirectMatch 403 (?i)^.*\.log$
RedirectMatch 403 (?i)/+not_imported_.*\.txt
RedirectMatch 403 (?i)/
+(soap|cache|xtemplate|data|examples|include|log4p hp|metadat
a|modules)/+.*\.(php|tpl)
RedirectMatch 403 (?i)/+emailmandelivery\.php
RedirectMatch 403 (?i)/+cache/+upload
# END SUGARCRM RESTRICTIONS

I have also set AllowOverride to All in the httpd.conf

But no different, it is still viewable from browser.

How can I secure that?

Thanks.

hc.