Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
debug/default/view?panel=config/frontend_dev.php
Symfony
What an attacker could do
An exposed Symfony web debug toolbar/profiler leaks application configuration, environment variables, database queries, session contents, and source paths, handing an attacker the data needed for deeper compromise.
How to defend it
Ensure APP_ENV is set to prod and the profiler/web-debug bundle is disabled or uninstalled in production; block /debug and /_profiler routes at the web server.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation