XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Community Support forums / 
  3. Q and A 
  4.  / The problem with Norton and Xoops
Register
21
Stewdio
Re: The problem with Norton and Xoops

  • 2004/9/16 16:56

  • Stewdio

  • Community Support Member

  • Posts: 1560

  • Since: 2003/5/7 1


Make a note to yourself on any modifications you have made, a personal change log if you will. New versions may overwrite your changes when uploaded to your site.
22
Dave_L
Re: The problem with Norton and Xoops

  • 2004/9/16 17:15

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


My technique for keeping track of hacks is to assign a unique tag to each hack, and use the tag in the changed code:

function xoops_refcheck($docheck=1)
{
   [color=ff0000]return true#*#NO_REFCHECK#[/color]
   $ref xoops_getenv('HTTP_REFERER');
   if ($docheck == 0) {
   ...
}


Then I have a text file that summarizes all the changes:

Xoops hacks

Base version 2.0.7.3

...

#*#NO_REFCHECK#  - disable HTTP_REFERER check
Reason:
 - blah
Reference:
 - https://xoops.org/modules/newbb/viewtopic.php?topic_id=24566forum=7
Modified files:
 - include/functions.php
New files:
 - n/a

...
23
tedsmith
Re: The problem with Norton and Xoops

  • 2004/9/16 17:17

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


That's a good idea. I think I will incorporate that. Thanks for the help guys.
24
limecity
Re: The problem with Norton and Xoops

  • 2004/9/17 2:22

  • limecity

  • Friend of XOOPS

  • Posts: 1602

  • Since: 2003/7/6 0


it worked! it worked! it worked!
Lols THank you Dave_L and the rest who gave the inputs,
you guys save my site from losing an amount of traffic.

and also.. I tred Zone Alarm and it works great! Makes me wanna test their Zone Alarm pro~

again.. thanks a bunch~
25
DobePhat
Re: The problem with Norton and Xoops

  • 2004/9/17 20:27

  • DobePhat

  • Friend of XOOPS

  • Posts: 656

  • Since: 2003/4/15


Are people able to visit but not log in?

What are the consequences of changing the code you suggested Dave?

Anything?

If not than why isnt this a standard?

Just curious!
Thanks!
26
kaotik
Re: The problem with Norton and Xoops

  • 2004/9/17 20:40

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


I have the same question. Was also thinking of making the change suggested by Dave L since some of my users have been complaining about not being able to register.

Thanks
27
Dave_L
Re: The problem with Norton and Xoops

  • 2004/9/17 20:40

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


The HTTP_REFERER check adds a layer of security. It makes it harder for someone to hack your site.

But the added security isn't very difficult to bypass.

Personally, I like having multiple layers of security, and prefer to have the HTTP_REFERER check. But I think it would be desirable to have a webmaster option for turning it off.

----
edit

The HTTP_REFERER can also be used to provide functionality, since it indicates the page the user came from, and some features might make use of that. I don't think this applies to Xoops, though.
28
DobePhat
Re: The problem with Norton and Xoops

  • 2004/9/18 0:42

  • DobePhat

  • Friend of XOOPS

  • Posts: 656

  • Since: 2003/4/15


thanks...
Havent heard any complaints about people not being able to log in yet, but it's something to consider.

But after all, wouldnt norton be the same as say a pop up blocker. You just ask Norton to allow a certain website wouldn't you?

Thanks!
29
RVirtue
Re: The problem with Norton and Xoops

  • 2004/9/18 1:57

  • RVirtue

  • Quite a regular

  • Posts: 246

  • Since: 2004/8/4 9


Basically, yes. But Symantec designs its Norton Internet Security product with a configuration interface that isn't exactly the world's easiest to negotiate and presents a fairly bewildering array when the user gets there.

Having initially set up defaults, the user must then:

(1) locate a "Web Content" configuration tab under several menu "layers"

(2) add the site's domain name

(3) select it and uncheck five (5) boxes for using defaults

(4) set site specific preferences which include:

Global Settings
- "information about your browser"
- "information about visited sites"
- "animated images"
- "scripts"
- "flash animation"
User Settings
- "cookies"
- "java applets"
- "activex controls"
- "pop-up ads"
Ad Blocking
- "permit" + html strings

That may not seem like too much for people familiar with setting up CMS sites. But sorting it all out is a bit of a challenge for "joe average" web surfer. So most just assume that the tightest global defaults are best and don't even look further into the guts of the thing.

Regards,
Richard
30
kaotik
Re: The problem with Norton and Xoops

  • 2004/9/18 2:33

  • kaotik

  • Just can't stay away

  • Posts: 861

  • Since: 2004/2/19


Plus the problem will only increase as more users buy NIS (or buy comps with it bundled), and for each user that complains, probably 7 more simply leave and don't try again.
« 1 2 (3) 4 5 »

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

182 user(s) are online (146 user(s) are browsing Support Forums)

Members: 0

Guests: 182

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Apr 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits