Disabling Mini Profiler - Umbraco 7

hannahmiddletonwhite · June 9, 2025, 10:21am

We have recently had a security check carried out and they have identified two vulnerabilities on our website that relate to two Mini Profiler files - .dll and .pdb - both in the bin file.

We are running the following version of Umbraco - Umbraco version 7.12.2 assembly: 1.0.6820.12881

We have plans to upgrade to Version 13 later this year but would appreciate any advice in the meantime about these profilers.

Question – can these Mini Profilers be disabled?

We have tried removing the files from the bin folder but it causes our website to crash.

What are the risks of disabling this profiler, i’m not entirely sure what it does.

Thanks in advance for any help.

markusjoha · June 9, 2025, 7:38pm

Hi!

It’s good that you’re working on a upgrade, Umbraco 7 is no longer supported so security issues will not be fixed.

Mini Profiler should only be visible to users logged into the backoffice, in what way did you find this to be vulnerability?

If you are running the site with production setting, mini profiler should be disabled.

Maybe you can follow this but do the opposite?

All the best!