ICT


ICT V1.1 » Installations » Securing my site
jimlongo, January 06th, 2010 02:40 GMT

Following an RFI attack (not through ICT) on my webserver I am initiating stronger security precautions.
Which of the following in my php.ini file will NOT interfere with the ICT software?

Thanks,
jim


Code

disable_functions = exec,shell_exec,passthru,system,eval,show_source,proc_open, popen,parse_ini_file,dl

Jim Longo
Wanless Tennis
Janis Ellis Paintings
WWW: https://jimlongo.com
Camil, January 12th, 2010 22:41 GMT
From what I am seeing here, only the "eval" part would disable ICT. The rest is fine, I think.
jimlongo, January 13th, 2010 02:19 GMT

Thanks Camil.  That seems alright.

If anyone's interested I've put this in my php.ini file with no effect on ICT.
Note: may work or not depending on some of your server defaults

Code

allow_url_fopen = Off
register_globals = Off
expose_php = Off
magic_quotes_gpc = On
magic_quotes_sybase = Off
disable_functions = exec,shell_exec,passthru,system,show_source,proc_open, popen,parse_ini_file,dl



and to protect your php.ini file put this in your .htaccess file

Code
# PROTECT php.ini file.
<Files php.ini>
order allow,deny
deny from all
</Files>



and I found this really good block for a lot of exploits; check out the article at Perishable Press.


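Added here as an example (not code from the thread or from ICT): a small Python audit that reads a php.ini text and checks it against the settings jim listed above. The parser, the expected sets and the constructed sample fragment are assumptions of this example; it also flags eval, which PHP treats as a language construct that disable_functions cannot block.

```python
import re

# Hardening targets taken from jim's php.ini post above (constructed for this check).
EXPECTED_FLAGS = {"allow_url_fopen": False, "register_globals": False, "expose_php": False}
EXPECTED_DISABLED = {"exec", "shell_exec", "passthru", "system", "show_source",
                     "proc_open", "popen", "parse_ini_file", "dl"}
# eval is a language construct, not a function, so disable_functions cannot block it.
NOT_DISABLEABLE = {"eval"}

def parse_php_ini(text):
    """Minimal php.ini reader: 'key = value' lines, ignoring ';' comments and [sections]."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line or line.startswith("[") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip().lower()] = value.strip().strip('"')
    return settings

def ini_bool(value):
    """php.ini booleans: On/1/true/yes mean on, anything else is off."""
    return value.strip().lower() in ("1", "on", "true", "yes")

def audit_php_ini(text):
    """Return findings as strings; an empty list means every check passed."""
    s = parse_php_ini(text)
    findings = []
    for key, want in EXPECTED_FLAGS.items():
        if key not in s:
            # Missing directive: whatever the server default is applies (jim's caveat).
            findings.append(f"{key} not set: the server default applies")
        elif ini_bool(s[key]) != want:
            findings.append(f"{key} is {s[key]}, expected {'On' if want else 'Off'}")
    # PHP accepts commas and spaces as separators, so 'proc_open, popen' is read correctly.
    disabled = set(re.split(r"[,\s]+", s.get("disable_functions", "").strip())) - {""}
    for fn in sorted(EXPECTED_DISABLED - disabled):
        findings.append(f"disable_functions is missing {fn}")
    for fn in sorted(disabled & NOT_DISABLEABLE):
        findings.append(f"{fn} is a language construct; listing it in disable_functions has no effect")
    return findings

# Constructed sample: jim's first list (which still contains eval) with expose_php left unset.
SAMPLE_INI = """\
allow_url_fopen = Off
register_globals = Off
disable_functions = exec,shell_exec,passthru,system,eval,show_source,proc_open, popen,parse_ini_file,dl
"""
```

Running audit_php_ini(SAMPLE_INI) reports the unset expose_php and the ineffective eval entry; a fully hardened file returns an empty list.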
Camil, January 13th, 2010 02:39 GMT
Very good!
jimlongo, January 18th, 2010 21:42 GMT

Since I started using the 4G block list, some images were not appearing in post boxes, edit boxes, etc.

When I investigated those images I discovered that the URLs to those images had double slashes in them. For instance, notice the // before English in the following image URL.

http://mydomain.com/forum/skins/ice/images//English/postbox/quote.gif  

One of the expressions in the blocklist prohibits double slashes, so those images won't display.


If you look in the skin editor you will find code that looks like this . . .  

Code
<input type='image' src='{$this->skin_images}/English/postbox/url.gif' border='0' accesskey='u' value=' u ' onClick=" TPurl(); return false; " title='{$this->lang['post_url']}' name='url'>



So it is an easy fix to remove the / from /English in the skin editor, and then the images will appear.

They mostly exist in the messages module (there are also some in the moderation, add_post, and add_poll modules) of the skin editor.  Do a search in those modules for /English and /postv and remove the slash.

If you notice any others please post them here.

jim


Camil, January 18th, 2010 23:19 GMT
Great!

Thanks.
jimlongo, March 08th, 2012 20:34 GMT
By the way I've upgraded the Perishable Press blocklist on all my sites from the 4G version to the 5G version.

I've been running the beta for over a year without any problems whatsoever; it's a lot simpler than the previous version and very effective at stopping many attacks. It's recently been released as final.

The 5G Perishable Press Blocklist


Camil, March 09th, 2012 14:12 GMT
Thanks for the tip!
© ICT - Infinite Core Technologies 2002-2006 All Rights Reserved