How developers can secure .log files using .htaccess or proper server permissions so they aren't indexed by search engines.
Server administrators must restrict access to log directories. Logs should be stored outside the web root (the public html or www folder). If they must be accessible via the web, HTTP Basic Authentication or IP whitelisting should be required to access that directory. allintext username filetype log passwordlog facebook full