You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 402 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - [Site hacked] index.php was being replaced/edited [ ]
 Forum FAQ  •  Search  •   •  Memberlist  •  Usergroups   •  Register  •  Profile •    •  Log in to check your private messages  •  Log in

 
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
Author Message
thewizard
Sergeant
Sergeant


Joined: Sep 01, 2003
Posts: 134

Location: Germany

PostPosted: Thu Jun 03, 2004 12:38 pm Reply with quoteBack to top

well i tried it up to coppermine version 1.2.2. and it works. is there a newer and stable version out. hm dont know. but maybe you can look at this cmd-file.
the way the guys works is pretty quick, less than two minutes. looking for the module, reflecting hostname and directory and off you go.

_________________

Rather must you Become, and Become, and Become, until Hackers respect thy Power, and other Wizards hail thee as a Brother or Sister in Wisdom, and you wake up and realize that the Mantle hath lain unknown upon thy Shoulders since you knew not when.
Find all posts by thewizardView user's profileSend private messageVisit poster's website
bretonmage
Captain
Captain


Joined: Feb 21, 2004
Posts: 421


PostPosted: Thu Jun 03, 2004 12:40 pm Reply with quoteBack to top

coppermine 1.3.0 is out.

_________________
Image
Find all posts by bretonmageView user's profileSend private message
thewizard
Sergeant
Sergeant


Joined: Sep 01, 2003
Posts: 134

Location: Germany

PostPosted: Thu Jun 03, 2004 12:42 pm Reply with quoteBack to top

only heard of a beta4 or so. but well stopped using it some time back. maybe anyone can try the hack on that version Laughing

_________________

Rather must you Become, and Become, and Become, until Hackers respect thy Power, and other Wizards hail thee as a Brother or Sister in Wisdom, and you wake up and realize that the Mantle hath lain unknown upon thy Shoulders since you knew not when.
Find all posts by thewizardView user's profileSend private messageVisit poster's website
madman
Support Mod
Support Mod


Joined: Feb 15, 2004
Posts: 806


PostPosted: Thu Jun 03, 2004 5:34 pm Reply with quoteBack to top

Since most PHP-Nuke modules are running from nuke root path, we can restrict access to root subdirs. Create an .htaccess file like this:

Code:
<FilesMatch "\.(php|inc|txt)$">
  Order Allow,Deny
  Deny from all
</FilesMatch>


Put it into these following subdirs:

/admin/
/blocks/
/db/
/images/
/includes/
/language/
/modules/
/themes/

Now, create another .htaccess file like this:

Code:
<FilesMatch "^(index|admin_[a-zA-Z0-9_-]+)\.php$">
  Order Deny,Allow
  Allow from all
</FilesMatch>


Put it to /modules/Forums/admin/ directory.

These two .htaccess will prevent direct execution to any PHP scripts. Please note this tips work well with new PHP-Nuke installation. If you use another modules which should execute their script directly from the URL link outside PHP-Nuke root, you'll have to put this .htaccess on those modules like this:

Code:
<FilesMatch "\.php$">
  Order Deny,Allow
  Allow from all
</FilesMatch>


Hope this can help to tighten your site security.

_________________
I'm Image
Find all posts by madmanView user's profileSend private messageVisit poster's websiteYahoo MessengerMSN Messenger
thewizard
Sergeant
Sergeant


Joined: Sep 01, 2003
Posts: 134

Location: Germany

PostPosted: Thu Jun 03, 2004 9:44 pm Reply with quoteBack to top

yep! sure this will work. but the aim should be to secure sides in an easy way. so why not make a fix your tip?

_________________

Rather must you Become, and Become, and Become, until Hackers respect thy Power, and other Wizards hail thee as a Brother or Sister in Wisdom, and you wake up and realize that the Mantle hath lain unknown upon thy Shoulders since you knew not when.
Find all posts by thewizardView user's profileSend private messageVisit poster's website
Sw1ftSn1p3r
Nuke Soldier
Nuke Soldier


Joined: Jun 06, 2004
Posts: 32


PostPosted: Mon Jun 07, 2004 3:09 pm Reply with quoteBack to top

I am not sure if I should be posting this here for the fact that this is security and my question is about installation.... I am trying to get my site to completly work with PHP-Nuke, but I cannot even get to the Admin Section... So I need help with turning on Output_Buffering... (only the .htaccess part.) For more information on this topic Click Here to see the problem.... You can also read the first page if you would like to see EVERYTHING I have done....

-Thanks for your help

-Sw1ftSn1p3r
Find all posts by Sw1ftSn1p3rView user's profileSend private message
Display posts from previous:      
Post new topic  Reply to topicprinter-friendly view
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2001, 2005 phpBB Group

Ported by Nuke Cops © 2003 www.nukecops.com
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.052 Seconds - 382 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::