protect your tmp directory
-
- Power Poster
- Posts: 1049
- Joined: Wed Mar 19, 2008 4:54 pm
protect your tmp directory
to prevent hacking or abuse of your site, it's best to protect your tmp-directory with a .htaccess-file.
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
-
- Forum Members
- Posts: 116
- Joined: Mon Jul 28, 2008 4:48 pm
- Location: Cambridge, UK
Re: protect your tmp directory
Thanks for your suggestion, unfortunately it prevents the captcha image from displaying on my contact form - CMSMS 1.4.1, Form Builder 0.5.3, Captcha 0.3.1, Linux/PHP5/MySQL
Nick
Nick
Re: protect your tmp directory
Try this
so only executable php files will be blocked.
Code: Select all
<Files *.php>
Order deny,allow
Deny from All
</Files>
-
- Forum Members
- Posts: 116
- Joined: Mon Jul 28, 2008 4:48 pm
- Location: Cambridge, UK
Re: protect your tmp directory
Is there any reason that couldn't be added to the htaccess in the root?
Nick
Nick
Re: protect your tmp directory
If you block php files from root CMSms cannot running ...
Last edited by cyberman on Tue Aug 26, 2008 11:44 am, edited 1 time in total.
-
- Forum Members
- Posts: 116
- Joined: Mon Jul 28, 2008 4:48 pm
- Location: Cambridge, UK
Re: protect your tmp directory
Yes, index.php, etc. need access, I was thinking more of using it as a way to block lib, modules, plugins but just didn't write the question very well.
Nick
Nick
Re: protect your tmp directory
You can use the same like I've posted for uploads folder. For /libs you can use
Something more about CMSms and security you can find here
http://wiki.cmsmadesimple.org/index.php ... mall_Guide
Code: Select all
order deny,allow
deny from all
<Files ~ ".*\.css|.*\.js|.*\.gif|.*\jpe?g|editor.php|thumbs.php|images.php|editorFrame.php$">
Order deny,allow
Allow from all
</Files>
http://wiki.cmsmadesimple.org/index.php ... mall_Guide
Re: protect your tmp directory
Hi all,cyberman wrote: Something more about CMSms and security you can find here
http://wiki.cmsmadesimple.org/index.php ... mall_Guide
can you think we can add a related section into wiki guide?
Could be useful?
Regards
blast
Re: protect your tmp directory
Something like:cyberman wrote: Ähmm, what you want to add ?
"You can add .htaccess files to protect these directories:
/tmp
/libs
/uploads
...
Here suggested configuration for each one:
...
..."
Re: protect your tmp directory
On the posted link there was some informations like I've posted - now I've added the informations from this thread ...
Re: protect your tmp directory
Ok thanks!cyberman wrote: On the posted link there was some informations like I've posted - now I've added the informations from this thread ...