I just installed Paypal PHP SDK in my site to use REST API interface. I saw that with default config there is a var/auth.cache file and it is accessible from the web. Is this a security issue? Should I move that path or set Apache to block web request to it?
