31
Anonymous
norton 2004
  • 2004/9/18 4:43

  • Anonymous

  • Posts: 0

  • Since:


Hi
I have also posted a picture guide for 2004 users - similiar to the 2003 one.
2004 setup

Please feel free to use it or copy
cheers
Pete

32
Byron
Re: norton 2004
  • 2004/10/1 17:32

  • Byron

  • Just popping in

  • Posts: 14

  • Since: 2004/9/25


I also had some issues with this when my site went online over the summer. I had trouble getting the users in question to figure out what to do with Norton- I think they got it preinstalled on their computer with the defaults, and didn't even know which version it was. And the instructions seem to change a lot between versions.

This is more of a firewall question than a XOOPS question, but is there any way to run a test to determine whether or not someone is using Norton? I know there's ways to detect browser, OS, that sort of thing, but I don't know about firewall. It occured to me that, if we could find a way to test for what the user's running, then we could just include an if... statement that will disable the checks only for those users who need it disabled, and keep the security for everyone else on the site.

33
Stewdio
Re: norton 2004
  • 2004/10/1 18:29

  • Stewdio

  • Community Support Member

  • Posts: 1560

  • Since: 2003/5/7 1


Just saw this post and was reminded to get it done, thanks for keeping the topic open.

I just added the hack. Gave up telling people and explaining and don't have time to create help files for multiple configurations. I would rather just be done with it. I don't think this layer is really needed, it causes more grief then it has advantages, but thats just my humble opinion.

Cheers all

34
GIJOE
Re: The problem with Norton and Xoops
  • 2004/10/10 21:18

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


Quote:

Dave_L wrote:
function xoops_refcheck($docheck=1)
{
   [
color=ff0000]return true// disable HTTP_REFERER check[/color]
   
$ref xoops_getenv('HTTP_REFERER');
   if (
$docheck == 0) {
   ...
}

This is not a good code.
Better is like this:
function xoops_refcheck($docheck=1)
{
    
$ref xoops_getenv('HTTP_REFERER');
    if (
$docheck == 0) {
        return 
true;
    }
    if (
$ref == '') {
        [
d]return false;[/d]
        [
color=ff0000]return true;[/color]
    }
    if (
strpos($refXOOPS_URL) !== ) {
        return 
false;
    }
    return 
true;
}

The important difference between former hack and latter hack is:

former:
Even when user sends his referer, he is not protected against CSRF.

latter:
A user who sends his referer can be protected against CSRF even if he uses some modules which update/insert via GET.

With this hack, administrators MUST enables his referer.

35
limecity
Re:The problem with Norton and Xoops
  • 2004/10/11 0:41

  • limecity

  • Friend of XOOPS

  • Posts: 1602

  • Since: 2003/7/6 0


what do u mean by this
"With this hack, administrators MUST enables his referer." ?

So i just replace the old hack codes with this?
and XOOPS will still have no problem with norton?

36
limecity
Re:The problem with Norton and Xoops
  • 2004/10/26 15:20

  • limecity

  • Friend of XOOPS

  • Posts: 1602

  • Since: 2003/7/6 0


I tested this already..
the hack provided by GIJOE still got some problem for some users..
i changed back the code to the previous hack and it was back to normal.

37
izzzy
Cookie of Xoops and more some scripts blocked by Firewall
  • 2004/11/16 11:03

  • izzzy

  • Just popping in

  • Posts: 43

  • Since: 2004/5/27


It was quite so, as I told. but even Norton Internet Securit (NIS) continues blocking, same reducing the Levels of Protection. The one that I ended up verifying is that I don't need to incapacitate the Protection of the Firewall (that is very dangerous nowadays in Net)... I just incapacitated the Control of Privacy and it usually worked.

Me nào knows if only I had been repairing, as other existme, but some firewall as Norton and ZoneAlarm have been blocking any script and even cookie. The XOOPS nor it turns for cause of those firewall. Nowadays all have to be navigating in Net with protection. And, I think that doesn't must is happening just with Norton, other softwares must is blocking the javascript, cookies and css of Xoops. That will reduce the community in little time.

Forgive me English!

Hugs,
Izzy

38
toolsmythe
Re: The problem with Norton and Xoops
  • 2004/12/6 1:03

  • toolsmythe

  • Just popping in

  • Posts: 34

  • Since: 2004/11/27


I have had several users complain about not being able to post to my forum and not one that could not register. I registered for him with no problem and he was able to get in.

He was logged into my site - I saw him in the list of active users. Yet later when I looked at user stats it claimed he had never logged in.

I also believe he tried to vote in a poll and it was not registered.

I had another user unable to upload a photo to the photo album, but that may have been a size issue.

Thanks for teh hack. Will implement it immediately!!

JP

39
Arowana
Re: The problem with Norton and Xoops
  • 2004/12/6 6:02

  • Arowana

  • Friend of XOOPS

  • Posts: 323

  • Since: 2004/8/6 2


Why dont you all post something on your front page about Norton and this website. Since more and more people are adding security to their websites why are you taking it away.

XOOPS passes Cookies and Norton blocks them.

I have posted on a few of my XOOPS sites front page and I have gotten more and more users.

"If you have a Norton Firewall you must enable or allow *.thisdomainname.com to pass them or you will not be able to use this website properily. This is for your own security while you are using this website only. Please do not disable your firewall just to use this site."

40
limecity
Re: The problem with Norton and Xoops
  • 2005/1/24 8:59

  • limecity

  • Friend of XOOPS

  • Posts: 1602

  • Since: 2003/7/6 0


I am having the same problem again after upgrading to XOOPS 2.0.9.2

So anyone has the fix?
very urgent. Thank you

Login

Who's Online

69 user(s) are online (43 user(s) are browsing Support Forums)


Members: 0


Guests: 69


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Aug 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits