We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 36686
    • 165 Posts
    I've upgraded a site to 2.5.2 and I notice the connectors/security folder is still there. Not in the 2.5.2 download but since I merged the folders when uploading the 2.5.2 files the security folder still exists, and a file called login.php. I noticed that in the patch (which I did on another site) it says:

    "Delete the security-folder within the connectors-folder if it is still there. It is no longer needed and deleting is required to keep it safe" (https://www.sterc.nl/en/modx/modx-2.5.2-security-patch)

    Are we supposed to delete the security folder manually after a full upgrade to 2.5.2 as well?

    This question has been answered by nomark. See the first response.

    • discuss.answer
      Yes, you definitely should.
        Sterc Internet & Marketing | MODX Founding Partner | Chairman of the MODX Advisory Board

        In need of a MODX consult? Try our MODX Developers Experts!
        • 36686
        • 165 Posts
        Thanks, I already did smiley If someone from the MODX dev team reads this, it might be a good idea to include information about deleting the security folder in the upgrade instructions in a very clear manner so nobody misses this, if it can't be done automatically through the upgrade script. It's no fun being hacked, trust me, I know :-/