Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
HauntedWebby
Involved
Involved


Joined: May 19, 2004
Posts: 363
Location: Ogden, UT

PostPosted: Sun Jun 20, 2004 12:52 pm Reply with quote

Today I'm starting over with a fresh install of Phpnuke. Which version should I do ... 7.2 or 7.3. I would have just stuck to 7.2 since Chatserv did have the patchs for 7.3 I have a choice. Smile

I'm going to install the following advice, pro/con of choices would be nice (not sure if I'm using correct names on some programs):
PhpNuke (of course)
Raven's scripts (hackattempt, sentental, httpauth)
Anti-right click
A photo gallery where only I can upload pics (will try CPG again but scared to do it)
MS Anaysis (I like his reports Smile)
OSC shopping cart
Kalendar
I need a good script to prevent download harvesting
I'd like to have a good chat room, any suggestions?
Has anyone cracked the merger of mailing list and the PhpBB board yet? Very Happy Cool Wink

_________________
--Webby-- 
View user's profile Send private message Send e-mail
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Jun 20, 2004 1:17 pm Reply with quote

My personal favorite is 7.0, seriously. I don't need the points thingy. With Sentinel you no longer need my Hack Alert script. My 7.0 distro has Coppermine installed, but it is an older version. You will need to either delete it or upgrade it. Also be sure to install my HTTP Auth protection script at Only registered users can see links on this board! Get registered or login! . For download harvesting, I just use a few of directives in .htaccess. This will guarantee that download requests come from one place only. Also, use the download/password script from Only registered users can see links on this board! Get registered or login!

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^http://(.*)YOURDOMAIN\.([com|net]+)/.*$ [NC]
RewriteRule .*\.([mpg|mpeg|zip|tar|exe|avi|mov|gif|jpe?g]+)$ - [NC,F]
 
View user's profile Send private message
HauntedWebby
PostPosted: Sun Jun 20, 2004 1:25 pm Reply with quote

I don't understand the points thingy myself. If you could list who is in what group that would make sense. It kinda reminds me of the ranking system in the forum, but you can't do special groups. I can see restriction on who sees what for blocks. But I'd rather do that a different way then points. I use the subscriptions, sections and content to do that. I really wish they would put in when you write a story you control who see it, no just restrict the whole module on who see it. Then you can have articles for everyone, for registered users and for subscribed users.
 
HauntedWebby
PostPosted: Sun Jun 20, 2004 1:27 pm Reply with quote

Raven wrote:

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^$ [OR]
RewriteCond %{HTTP_REFERER} !^http://(.*)YOURDOMAIN\.([com|net]+)/.*$ [NC]
RewriteRule .*\.([mpg|mpeg|zip|tar|exe|avi|mov|gif|jpe?g]+)$ - [NC,F]


I tried that with my cpanel Hotlink Protection, it was banning graphics for my own site even though it wasn't suppose to unless I checked the Allow direct requests, but by doing that as soon as someone figured out the direct URL then they could download at will from anywhere.
 
Raven
PostPosted: Sun Jun 20, 2004 1:32 pm Reply with quote

Hmmm. It works 100% for me. I have my downloads at another site and it ensures that all d/l requests come from my site. Very strange indeed. Well, I'm off to father's day festivities Smile - be back on later.
 
HauntedWebby
PostPosted: Sun Jun 20, 2004 1:36 pm Reply with quote

Happy Dad Day!!!

That was with my old hoster ... I'm trying it again now that you are my hoster Smile

I know your script for this site works ... sometimes it gives me a 403 error Smile
 
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Sun Jun 20, 2004 4:54 pm Reply with quote

Raven do we just put that code at the top of our htaccess file? and which htaccess file do we put it in?

Sorry learning!

I like v7.0 too. Laughing
 
View user's profile Send private message
HauntedWebby
PostPosted: Sun Jun 20, 2004 5:02 pm Reply with quote

Muffin wrote:
Raven do we just put that code at the top of our htaccess file? and which htaccess file do we put it in?

Sorry learning!

I like v7.0 too. Laughing


It should be the first thing listed in your files and it's the root .htaccess Smile
 
Muffin
PostPosted: Sun Jun 20, 2004 5:29 pm Reply with quote

Thanks Embarassed
 
HauntedWebby
PostPosted: Tue Jun 22, 2004 5:23 pm Reply with quote

Ok I went with Raven's 7.0. Do I need to add Chat's patches?

I still need to add the security stuff, but I'll do that when I'm at home instead of work Wink

Does anyone know of a good place to find RSS feeds?

My site: Only registered users can see links on this board! Get registered or login!
 
Raven
PostPosted: Tue Jun 22, 2004 5:27 pm Reply with quote

Yes you do. The patches are only as recent as when that distro was last released. get Sentinel(tm) installed ASAP.
 
HauntedWebby
PostPosted: Wed Jun 23, 2004 10:11 am Reply with quote

I tried to download ChatServ's patches for 7.0 but the file is currupt. Sentinel is installed and already blocking the bad guys. Cool
 
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Wed Jun 23, 2004 10:35 am Reply with quote

Sorry, i might have been reuploading the patches when you tried to download it, it's always a pain when i decide to release a new version, i wait til Nuke bug & vulnerability reports stop coming in before i release these but as usual when i finally put them out new reports appear Rolling Eyes
 
View user's profile Send private message Visit poster's website
HauntedWebby
PostPosted: Thu Jun 24, 2004 11:27 am Reply with quote

Not a problem Smile I figured somethng strange musta been going on Smile

Thanks for doing the patches!!!
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©