Welcome,
Guest
.
Please
login
or
register
.
Did you miss your
activation email
?
News:
Elxis 5.5 Calypso supports 2 factor authentication login with e-mail or SMS.
Home
Help
Login
Register
Elxis CMS Forum
»
Support
»
Security
»
problem in http access
« previous
next »
Print
Pages: [
1
]
Author
Topic: problem in http access (Read 8339 times)
Farhad Sakhaei
Elxis Community
Hero Member
Posts: 1190
I know nothing , Should know more & more
problem in http access
«
on:
June 27, 2007, 18:04:59 »
hi ,
today i applied http access on /administrator folder ...
after it , i visited home page , but when i visited it a username and password panel opened and asked me ...
but i only applied http access on /administrator folder...
so i checked html file...
i found that a file with this name : administrator/includes/js/ajax_new.js
included in it ...
so when we apply http access on administrator folder , this file willnot load... and in every visit of frontend , browser will ask us ...
this script recalls in modules/mod_poll.php file in line 21
i think we can solve this problem by move or copy this file in a folder on frontend ...
Logged
DediData Web Hosting Services
datahell
Elxis Team
Hero Member
Posts: 10356
Re: problem in http access
«
Reply #1 on:
June 27, 2007, 20:23:41 »
Yes you are right and this happens because of ajax. But I think that there is no need to add htaccess on the administrator folder. No one can enter your backend if he does nt know the password. No one can access any backend file without logging in first. I have never heared of someone saying that his site was hacked from backend even for Mambo/Joomla. Remove the htaccess file.
Logged
Elxis Team
|
Is Open Source
|
IOS Rentals | IOS AERO
Farhad Sakhaei
Elxis Community
Hero Member
Posts: 1190
I know nothing , Should know more & more
Re: problem in http access
«
Reply #2 on:
June 30, 2007, 08:50:06 »
yes, but you recommended that use these simple steps to secure your Elxis site:
-Set the right properties on your directories.
-Do not unnecessarily leave directories open with CHMOD set at 777. Elxis provides you a CHMOD Tool at the administrator control panel which you can use to easily change mode to any file or directory within your Elxis site.
-When you are not making changes to configuration.php, set its permissions to 644
-After install, delete the directory "installation". Dont just rename it!.
-Secure your /administrator directory using HTTP access control.
-Use complex password. At least 6 characters containing symbols, numbers and letters. Remember passwords are case sensitive.
-Enable FTP access over files and set file modes to 644. These files will be writable by Elxis but not from PHP (file owner should be the local user).
-Install and use Elxis on a Linux server
i think some people may use these steps ...
Logged
DediData Web Hosting Services
datahell
Elxis Team
Hero Member
Posts: 10356
Re: problem in http access
«
Reply #3 on:
June 30, 2007, 08:57:39 »
OOoops! I dont remember that!
It must be old. Just don't add htaccess in backend.
Note:
Elxis 2007 has included a login recorder tool that logs every attempt to backend (succefull or not).
Logged
Elxis Team
|
Is Open Source
|
IOS Rentals | IOS AERO
Farhad Sakhaei
Elxis Community
Hero Member
Posts: 1190
I know nothing , Should know more & more
Re: problem in http access
«
Reply #4 on:
June 30, 2007, 09:01:15 »
ok , no problem , i copied ajax file into modules folder and edited the path ...
thank you
Logged
DediData Web Hosting Services
Print
Pages: [
1
]
« previous
next »
Elxis CMS Forum
»
Support
»
Security
»
problem in http access
Topic: problem in http access (Read 8339 times)
