Jump to content

Securing files and directories


Nabeel

Recommended Posts

  • Administrators

A topic has come up about basic security for phpVMS files and folders, to prevent the theft of your template files. It's important to read this in the documentation. The documentation link is:

http://forum.phpvms.net/page/index.html/_/administrator-guide/securing-files-and-directories-r35

And the thread is:

http://forum.phpvms.net/topic/3266-securing-directories

Thanks to all those who brought it up. I'd recommend applying the .htaccess file immediately, or if your host has .htaccess files disabled, how to go about securing those files.

  • Like 2
Link to comment
Share on other sites

When I found this "insecurity" or (mis_configuration on the server side) that allows directory browsing

I tried several things to protect our contents, here they are:

One was to drop an empty index page on each directory I wanted to protect,

could be php or html, that itself blocks the listing of the directory.

then, later on I added some info on that "empty" page that reads like this:

<center><h1>You Are <span style="color:red">NOT </span> Authorized to acces this Area!</h1><br>

<h1>Usted <span style="color:red"> NO </span>esta autorizado a acceder esta Area!</h1><br><br><hr>

<center><div class="post"><h1>YOUR IP ADDRESS IS: <span style="color:red"><?php echo $_SERVER['REMOTE_ADDR']; ?></span></h1></center><br>

<h1><strong>And it has been logged!</h1></strong></h1></center><br><br>

As you can see is in english and spanish languajes, and displays the IP of the "visitors" of this area.

Is entirelly up to you if you want to log the IPs or not.

Other measure was to add a java script to disable mouse rigth click, so it makes difficult to copy your images.

Nabeel says, it annoys users, but helps. Also blocks seeing the page´s source_code.

But there exists other means to see the source code for the page.

Let´s keep phpvms "secure" and our contents too! :rolleyes:

SK

Link to comment
Share on other sites

Other measure was to add a java script to disable mouse rigth click, so it makes difficult to copy your images.

Not to be the bad guy here, but you can always drag-n-drop images from your site to their desktop from just about any website. There are ways around that, but not sure how.

Link to comment
Share on other sites

Not to be the bad guy here, but you can always drag-n-drop images from your site to their desktop from just about any website. There are ways around that, but not sure how.

Most everything is posible, but I did not know about this one, cool! :P

Link to comment
Share on other sites

There is an additional option to protect your contents, is a simple application and it´s FREE!!! (For Personal Use!)

take a peek as it might be what you´re looking for to "extra" protect your site, code and images

(with some limitations on the personal edition.) :unsure:

ohh yes, the link to grab it. it´s here! Enjoy!

http://www.protware.com/download.htm

SK

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...