Since we upgraded a website to use SSL and CMSMS 1.12.2, admin users can no longer browse into the sub folders when using the File Selection pop-up or via the File Manager. The page just reloads when a folder is clicked, like it just goes back to the root.
Here is the config.php and htaccess files being used:
Code: Select all
# CMS Made Simple Configuration File
# Documentation: /doc/CMSMS_config_reference.pdf
#
$config['php_memory_limit'] = '';
$config['process_whole_template'] = '';
$config['debug'] = false;
$config['output_compression'] = '';
$config['timezone'] = 'Europe/London';
$config['dbms'] = 'mysql';
$config['db_hostname'] = 'localhost';
$config['db_username'] = 'xxxxxxxxx';
$config['db_password'] = 'xxxxxxxxx';
$config['db_name'] = 'xxxxxxxxx';
$config['db_port'] = 0;
$config['db_prefix'] = 'cms_';
$config['persistent_db_conn'] = '';
$config['use_adodb_lite'] = '1';
$config['root_url'] = 'https://www.website.co.uk';
$config['admin_url'] = 'https://www.website.co.uk/admin';
$config['admin_dir'] = 'admin';
$config['previews_path'] = '/home/master/applications/asdfghjkl/public_html/tmp/cache';
$config['uploads_path'] = '/home/master/applications/asdfghjkl/public_html/uploads';
$config['uploads_url'] = 'https://www.website.co.uk/uploads';
$config['default_upload_permission'] = '664';
$config['use_smarty_php_tags'] = '';
$config['auto_alias_content'] = true;
$config['url_rewriting'] = 'mod_rewrite';
$config['page_extension'] = '';
$config['query_var'] = 'page';
$config['image_manipulation_prog'] = 'GD';
$config['image_transform_lib_path'] = '/usr/bin/ImageMagick/';
$config['image_uploads_path'] = '/home/master/applications/asdfghjkl/public_html/uploads/images';
$config['image_uploads_url'] = 'https://www.website.co.uk/uploads/images';
$config['ssl_uploads_url'] = 'https://www.website.co.uk/uploads';
$config['locale'] = '';
$config['default_encoding'] = 'utf-8';
$config['admin_encoding'] = 'utf-8';
$config['set_names'] = true;
$config['wiki_url'] = 'http://wiki.cmsmadesimple.org/index.php/User_Handbook/Admin_Panel';
Code: Select all
# BEGIN Optional settings
Options -Indexes
<Files "config.php">
order allow,deny
deny from all
</Files>
<FilesMatch "\.(?i:pdf)$">
ForceType application/octet-stream
Header set Content-Disposition attachment
</FilesMatch>
ErrorDocument 403 /forbidden403.shtml
ServerSignature Off
# END Optional Settings
# BEGIN CMSMS and Rewrite Rules
# Make sure you have Options FollowSymLinks
# and Allow on
RewriteEngine On
# URL Filtering helps stop some hack attempts
#IF the URI contains a "http:"
RewriteCond %{QUERY_STRING} http\: [OR]
#OR if the URI contains a "["
RewriteCond %{QUERY_STRING} \[ [OR]
#OR if the URI contains a "]"
RewriteCond %{QUERY_STRING} \] [OR]
#OR if the URI contains a "<__script__>"
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
#OR script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
#OR any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^.*$ - [F,L]
# END Filtering
# CMSMS Rewriting
# Set assume mod_rewrite to true in config.php and clear CMSMS cache
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?page=$1 [QSA]
# END CMSMS
# END Rewrite rules
Thank you