Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
newbie
Regular
Regular


Joined: May 03, 2004
Posts: 62
Location: USA

PostPosted: Sun Jul 25, 2004 6:27 pm Reply with quote

Hi Everyone,

I sure hope this is possible ... or rather ... I know it's possible ... I just hope it's not beyond my capabilities Wink

I have been using the fix for the admin vulnerabilities for awhile ... the http authorization deal. And I love it. But, somehow, someway, it just suddenly quit working. My webhost upline says they haven't made any changes ... but they must have, because at about the same time, my weblog will no longer use the "clean style" of url's (using the name of the post as the link).

I can't figure out how to fix it and I really like the extra authorization prior to getting to the admin area. I also use Sentinel.

My question is this: How can I move admin.php to another folder? Which files do I have to change in order to accomplish this? I want to move it to another folder and then require an http authorization to log into that folder (http autho still works on folders ... just not on the individual file).

If anyone has any ideas on this, I would really appreciate the help.

Take care and thanks for all that you do.

_________________
Darla
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger ICQ Number
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Jul 25, 2004 9:30 pm Reply with quote

You have posted other posts that allude to this issue. if this is the CGI vs. Apache module issue then you know how to fix that. Moving admin.php will not do anything towards protecting the vulnerabilities that have been exploited. Because, you will still call admin.php?something= regardless as to where it is located.
 
View user's profile Send private message
newbie
PostPosted: Mon Jul 26, 2004 2:34 am Reply with quote

Hi Raven,

Yeah, it's sort of the same issue ... only with a different twist Wink

I was trying to figure out a work around .... because http authorization still works on my folders ..... just not on the individual files. So, I figured if I could move admin.php to a secured folder, then it would accomplish the same thing ... just having to jump through a few more hoops to do it.

But ... as we discussed in the other thread .... I'm gonna TRY real hard to be patient and not mess with anything till I hear from my host Wink

Thanks again.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©