Exposed sensitive files
Files like ".env" or ".git/HEAD" contain very sensitive information: database passwords, secret API keys, source code. This check ensures th…
Analyse my site for free
← All checks
How it works
How TheSiteFuse checks "Exposed sensitive files"
Files like ".env" or ".git/HEAD" contain very sensitive information: database passwords, secret API keys, source code. This check ensures they are not publicly accessible.
Why it matters
Real-world impact of "Exposed sensitive files"
If these files are public, anyone can retrieve database access or cloud service credentials and take full control of the site. This is an immediate security catastrophe that must be fixed.
Does your site pass this check?
Run the free full audit (120 checks) and instantly discover what needs fixing.