Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

PostPosted: Wed Aug 16, 2006 6:47 am Reply with quote

Bluezzz, Raven always provides an upgrade path, so if you go with 2.02.02 FULL right now, you can eventually upgrade to 2.10.00. No timeline has been given as yet for 2.10.00.

If the community would just stop finding core PHP-Nuke bugs... killing me

_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... 
View user's profile Send private message Visit poster's website
Bluezzz
Involved
Involved



Joined: Feb 08, 2005
Posts: 290
Location: USA

PostPosted: Wed Aug 16, 2006 12:01 pm Reply with quote

Thanks to everyone who's answered. I know I can install 2.02.02 but then I'll have to do any patches for that, then the upgrade ... tis quite painful for someone who's not overly savy on nuke. I remember the first time I installed it on my current site, took me forever to fix all the resulting errors : o/ I do wish it wasn't so complicated LOL

_________________
Bluezzz
~ Stop & smell the roses, while you can! ~ 
View user's profile Send private message
Misha
Worker
Worker



Joined: Jul 30, 2006
Posts: 205
Location: McLean, VA

PostPosted: Wed Aug 16, 2006 2:21 pm Reply with quote

Using the sites Kevin provided, I just found something that can be of some interest to you, too. This is e107. I've never heard of it before, but looks like it has decent choice of modules, user base, and support, too. I just install it today to run in parallel with Raven Nuke - I want to see for myself which one I like better. Installation was a snap ( I know how to create database and database user, though ). I like it so far. I might then try to compare the winner to Joomla.

Misha

_________________
http://www.funandsafedriving.com/defensive-driving.html 
View user's profile Send private message Visit poster's website
Bluezzz







PostPosted: Wed Aug 16, 2006 2:58 pm Reply with quote

LOL I'll let you test for both of us k? I just don't have the energy or time needed to d/l, then u/l, then create databases, etc ... but your opinion is important so please keep me posted! Actually I had tried e107 before and was surprised to find they're still around. I had a sample installed on my computer and that may actually be my test route (rather than u/l all to my host site, just run from my computer for testing purposes ... at least that will save me u/l hastle until I can determine which one I want). I liked e107 when I tried it, it was relatively simple. But it is rather limited in pre-made themes which I will need to rely on until I can learn to make my own. Hugzzz
 
Bluezzz







PostPosted: Wed Aug 16, 2006 4:34 pm Reply with quote

BTW, if you are interested in setting up your own web server (for testing or otherwise) on your computer, AND you have ample harddrive space, you might find this tutorial helpful ... I'm using it now : o}

http://www.webmasterstop.com/48.html

I've actually d/l (and am installing) all the most recent stuff for Apache, MySQL, PHP, etc, not sure which is best for you (or me for that matter LOL) but that's what I'm going with ... keep your fingers crossed that all installs correctly and works together properly!

This should help me immensely as I'll be able to test different CMSs right on my computer and decide which I like best before u/l to my different domains!

Wave
 
Misha







PostPosted: Thu Aug 17, 2006 4:32 pm Reply with quote

Sure, I'll post the results. It's going to take some time, though Smile And I test everything on my hosting live - this way I know for sure if it works for me or not. And I do not have upload problems Smile
 
Bluezzz







PostPosted: Thu Aug 17, 2006 5:40 pm Reply with quote

Well I'm having *issues* installing it all on my computer anyway LOL ... stuck with phpMyAdmin not loading right, not getting with MySQL (cause the newest PHP doesn't come packed with extensions/dlls/etc) ... I'll get it worked out sooner or later LOL.
 
technocrat
Life Cycles Becoming CPU Cycles



Joined: Jul 07, 2005
Posts: 511

PostPosted: Fri Aug 18, 2006 9:10 am Reply with quote

Might want to use a packaged distro like apache2triad or XAMP

_________________
Nuke-Evolution
phpBB-Evolution / phpBB-Evolution Blog 
View user's profile Send private message
Bluezzz







PostPosted: Fri Aug 18, 2006 3:45 pm Reply with quote

Has anyone tried this PHP Security Scanner, or any comment on it?

http://securityscanner.lostfiles.de/
 
Bluezzz







PostPosted: Fri Aug 18, 2006 4:10 pm Reply with quote

OK maybe someone can help me here *again* ...

I've just figured out that having apache, etc, on my computer to test sites won't work as I'd thought (perhaps I was in blonde mode) because all the newest for apache, php, myphpadmin & mysql don't quite mesh causing problems in phpmyadmin in where you can't run it because the php extensions (and other files) aren't included anymore ... you have to *find them*, install and tweak your brains out to get it all working. And even after all that here's the difference between what will be on my hosted site and on my computer:

On my hosted site from Fantastico, all for Unix...
Apache 1.3.36 (Unix)
PHP version 4.4.3
MySQL version 4.1.19-standard

I've been to each of these websites and have d/l and installed (to run a webserver off my home computer for PHP/CMS testing) the following latest versions (my computer is XP Pro SP2):

ALL for windoze...
Apache 2.2.3
PHP version 5.1.4
phpMyAdmin 2.8.2.2
MySQL version 5.0.24

I'm not sure what phpMyAdmin my fantasico has, if any. I'm having a problem seeing the index.php page correctly in my computer because fo the problem mentioned above (I'm sure I'll get it figured out sooner or later tho).

So the question is ... what Raven Nuke/Sentinel would best work with what is on my hosted site in Fantastico ... causing me the least amount of headaches to install/fix/secure? Someone mentioned I should just u/l the entire pkg and not use Fantastico install? Can you eleborate as to why I'd do that?
 
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Fri Aug 18, 2006 5:50 pm Reply with quote

I also late in the game found XAMPP. I now do all my testing and screwing around on it before making changes to my "real" site. I downgraded the PHP from 5 to 4 to match my "real" host. So far I have found only 1 incompatibility between XAMPP's MySQL and my hosts. The word "reads" is now a reserved word in MySQL 5. It is used in the Topics query by Nuke.

You could also use XAMPP to test various CMS systems.

I too have heard good things about e107 from a friend, but I have no personal experience with it.

_________________
GCalendar - An Event Calendar for PHP-Nuke
Member_Map - A Google Maps Nuke Module 
View user's profile Send private message
Bluezzz







PostPosted: Fri Aug 18, 2006 8:30 pm Reply with quote

What do you make of this comment on their site?

There is no upgrade available for this version because the security leak problems described by Thierry Zoller can not be solved.

Are you concerned about the *security leak problems* that *can't be solved*?
 
Gremmie







PostPosted: Fri Aug 18, 2006 9:17 pm Reply with quote

Bluezzz wrote:
What do you make of this comment on their site?


What site? Link?
 
Bluezzz







PostPosted: Sat Aug 19, 2006 2:34 am Reply with quote

That shows from the XAMPP site link you gave, d/l page I think. And I did install it but having *problems* ... the sample CD database is inaccessible? I'm getting flustered LOL
 
Bluezzz







PostPosted: Sat Aug 19, 2006 2:39 am Reply with quote

http://www.apachefriends.org/en/xampp-windows.html
 
Gremmie







PostPosted: Sat Aug 19, 2006 9:02 am Reply with quote

Oh, okay. XAMPP is meant to be a "sandbox" on your PC for playing around and testing things. It is not meant to host real live sites on the internet. See the section on the security console for more info:

Quote:

As mentioned before, XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.
 
Bluezzz







PostPosted: Sat Aug 19, 2006 11:31 am Reply with quote

Yes I realize it's a sandbox. But I'm having problems with it working as is, seems to be a mySQL issue ... it's showing in status as NOT active when it is active ... and then something else when I go to the CD demo it shows an error in SQL section. I'll have to look further into it, perhaps there's help pages that will explain how to fix that.

How did you *go back* to a previous version of PHP? Seems it's got 5.1.4 rather than 4.4.3 which my host has.

Thanks to all who posted under this topic! Hugzzz
 
Bluezzz







PostPosted: Sat Aug 19, 2006 12:01 pm Reply with quote

OK I've spent way too much time on the *setup for testing on my computer* idea. If I'm going to have this many problems doing that I might as well bite the bullet and just install all LIVE on my site and mess with it there.

That being said, and bearing in mind what my hosting service has installed in fantastico (assuming I just use those) ... which Raven Nuke would be best and how would I go about installing it? I'm sorry to ask so many questions but inquiring minds need to know!

I assume I go for the latest Raven & Sentinel BUT that's where I'm left high and dry ... I don't know if all I need is in those and I just u/l to the host ... do I install fantastico for PHPnuke and go from there or what?
 
FireATST
RavenNuke(tm) Development Team



Joined: Jun 12, 2004
Posts: 654
Location: Ohio

PostPosted: Sat Aug 19, 2006 1:02 pm Reply with quote

All you need is in the Distro....Smile Now once installed then upgrade the NukeSentinel to the latest version that has been released. You won't need anything from Fantastico...Smile
 
View user's profile Send private message Visit poster's website MSN Messenger ICQ Number
Misha







PostPosted: Sat Aug 19, 2006 1:13 pm Reply with quote

as far as I know there is no RavenNuke in fantastico. And you do not need fantastico anyway Smile. It's pretty straightforward. There is one bug in installation manual, though http://www.ravenphpscripts.com/posts10680-highlight-.html.
 
Misha







PostPosted: Sat Aug 19, 2006 1:20 pm Reply with quote

I would not say distro has "all you need". On top of the distro and latest sentinel I already installed:
bbtonuke 2021
nukeSEO
FNA
Forums Collapsing Block
Serach titles Only
Who is where
Blogger
and heavily modified forums search template Smile
and thinking about chat and gallery...
 
FireATST







PostPosted: Sat Aug 19, 2006 4:29 pm Reply with quote

Yes you may add whatever mods or blocks you would like after initial install, but everything that is needed to get the site up and running is in the Distro is what I meant....Smile Especially if this person is new to PHP-Nuke.....Smile
 
Bluezzz







PostPosted: Sat Aug 19, 2006 5:36 pm Reply with quote

Thank you all for helping! Now ... where do I get the latest Raven Distro and Sentinel ... and then how do I get it all on my site (where do I put what files if I don't use fantastico)?
 
montego







PostPosted: Sat Aug 19, 2006 6:01 pm Reply with quote

Quote:

where do I get the latest Raven Distro and Sentinel

I would always check on the front of this site the "Downloads" block. Everything you need is in the "Recently Added" category, both RavenNuke and NukeSentinel. However, there is also this forum here for post-release bug fixes (read those and follow instructions if any):

Quote:

and then how do I get it all on my site

FTP will be for the files. Read the various readme files and they will point you to the HowToInstall manual which will walk you through it.

The latest RavenNuke is still 2.02.02 and NukeSentinel is now 2.5.2.
 
Bluezzz







PostPosted: Sat Aug 19, 2006 6:46 pm Reply with quote

Do I have to create a database on my host first ... are there any install instructions that tell one step by step how to install stuff? Like how do I know if apache is installed, mysql, phpmyadmin, php ... and then after all those I would imagine I'd install raven nuke, etc ... how can I tell what is already installed or is the fact that it's mentioned in my CPanel with version indicative of it being already installed? I need step by step instructions LOL
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©