I've seen quite a few posts about the fact that XOOPS and Norton Internet Security don't like each other. I've found the work-around listed as setting the Norton software to trust my site and/or allow HTTP_REFERER.

The problem is, that many people that try to join my site run into this. Some have no problem making the changes, others are either intimidated by making changes, or hesitant to allow my site to "have access" to something that Norton says it shouldn't, simply because they don't fully understand the security.

Are there any "fixes" in place for this? I don't see this problem with every site that someone has to join, or log into, so there has to be a way to get around this so that users aren't turned away when they run into problems.

Bob

Just disable the HTTP_REFERRER check by hard coding. I can't remember the exact code to do it, but its been posted three or four times on this site in the last 8 weeks or so. Do a search for HTTP_REFERRER and they'll come right up. It's easy to do and saves you a lot of bother in the long run.

I think Dave_L was considering removing it alltogether in future releases of XOOPS but I could well be wrong. I'm sure a developer will confirm or deny.

u can disable the referer check very easy

look at this topic :
https://xoops.org/modules/newbb/viewtopic.php?topic_id=25989&forum=28&post_id=114762#forumpost114762

OK, Thanks. I'll look for that. I'd been searching on norton security, but all I'd found on that was the work-around setting in Norton itself.

Quote:

Dave_L is only a lowly module developer, and doesn't have that kind of power.

But my preference would be to add a configuration setting so that an admin could turn the HTTP_REFERER check on or off.