Hi all, sorry for maybe a dumb question, or if my google-fu has failed me.
I’ve installed nextcloud, located the data folder outside of web root. However, should I be worried that extensions/“apps” appear to be in web root? E.g. if an attacker knew the URL could they download my bookmarks db?
If so are there recommended apache configurations that I should look in to?
Thanks!