Betreff: Aw:: Protector unsicher?
von elpaksu am 24.02.2009 08:25:58
Na ja Anleitung kann man das nicht nennen.
= INSTALL =
First, define XOOPS_TRUST_PATH into mainfile.php if you've never done it yet.
Copy html/modules/protector in the archive into your XOOPS_ROOT_PATH/modules/
Copy xoops_trust_path/modules/protector in the archive into your XOOPS_TRUST_PATH/modules/
Turn permission of XOOPS_TRUST_PATH/modules/protector/configs writable
After Xoops Protector is installed, edit your mainfile.php like this:
[color=ff0000]include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ;[/color]
if (!isset($xoopsOption['nocommon']) [color=0000ff]&& XOOPS_ROOT_PATH != ''[/color] ) {
include XOOPS_ROOT_PATH."/include/common.php";
}
[color=ff0000]include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ;[/color]
Just add two red-colored lines.
If the blue-colored part is different from your mainfile.php, don't mind it.
Both pre-check and post-check are needed.
An option "DENY by .htaccess" is added on version 2.34.
If you try this option, set writable XOOPS_ROOT_PATH/.htaccess
Before installing this, you should compare it to the security risks which .htaccess is writable.
Falls einer mir seine mainfile.php zeigen könnte wäre es nicht schlecht. Natürlich nur die sachen die Protector angehen.
Vielen dank
|
