1
kevcar
How do I do this, step by step, please
  • 2009/3/20 11:50

  • kevcar

  • Not too shy to talk

  • Posts: 127

  • Since: 2007/6/2 1


How do I do this? thanks

public_html/xoops_lib is inside DocumentRoot!
For security considerations it is highly suggested to move it out of DocumentRoot.

public_html/xoops_data is inside DocumentRoot!
For security considerations it is highly suggested to move it out of DocumentRoot.


2
anderssk
Re: How do I do this, step by step, please
  • 2009/3/20 13:33

  • anderssk

  • Quite a regular

  • Posts: 335

  • Since: 2006/3/21


Hi'

Are You on a life installation ore are You on a test (local) installation?

Security guide here

And a newer updatet version here


3
kevcar
Re: How do I do this, step by step, please
  • 2009/3/20 16:29

  • kevcar

  • Not too shy to talk

  • Posts: 127

  • Since: 2007/6/2 1


I am on a Live website install

4
Anonymous
Re: How do I do this, step by step, please
  • 2009/3/20 17:47

  • Anonymous

  • Posts: 0

  • Since:


Hiya

You're worried about the warning in the admin panel, yes?

Are you able to move the xoops_lib and xoops_data folders to a level below /public_html?
You might not be allowed to if you're on a shared server - I'm not!

If you can move them then all you have to do is move the folders and then edit mainfile.php so that the revised path to them is given. That's it.

If you can't or are not allowed to move them then rename them to something else and edit mainfile.php accordingly.

My own site is structured like this (obviously, the names are different!):

/public_html/htdocs (<--xoops files here)
/public_html/xoops_data
/public_html/xoops_lib

Protector works well like this (all the checks in the Secruruty Advisory work) and it logs everything as it should. I still get the warning in the admin panel but I've decided to ignore it

HTH

5
kevcar
Re: How do I do this, step by step, please
  • 2009/3/20 19:14

  • kevcar

  • Not too shy to talk

  • Posts: 127

  • Since: 2007/6/2 1


Thanks for the help

6
kevcar
Re: How do I do this, step by step, please
  • 2009/3/20 19:26

  • kevcar

  • Not too shy to talk

  • Posts: 127

  • Since: 2007/6/2 1


My host placed all the XOOPS files in Public_html there is no htdocs folder, how do I change this?

7
ghia
Re: How do I do this, step by step, please
  • 2009/3/20 20:07

  • ghia

  • Community Support Member

  • Posts: 4953

  • Since: 2008/7/3 1


The public_html, htdocs and www are three common names for the directory that is your web root. The files located there as eg index.php are accesable by the browser as http://www.yoursite.com/index.php .
The intention is to have xoops_lib and xoops_data in a directory aside that web root as in figure 1.
During normal install, you get a layout as in figure 2. If you can't move the directories than you must add a ramdom chosen prefix to these two directories as in eg f67u_xoops_lib. You can also use a .htaccess file to deny access for additional protection.
In both cases (the move or the rename) you have to adapt the definitions in mainfile.php to reflect the changed situation.
Using xoops_lib and xoops_data with their original names inside the web root (as figure 2 shows), is not secure and your site may get hacked in the next weeks.

8
kevcar
Re: How do I do this, step by step, please
  • 2009/3/20 20:29

  • kevcar

  • Not too shy to talk

  • Posts: 127

  • Since: 2007/6/2 1


I have added a prefix to both files and changed the Mainfile to include the prefixes, so is it safe now?

Login

Who's Online

394 user(s) are online (279 user(s) are browsing Support Forums)


Members: 0


Guests: 394


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits