Thread: Major Additions - Links and Downloads Manager
View Single Post
  #2542  
Old 10-23-2007, 04:03 AM
AndrewD AndrewD is offline
 
Join Date: Jul 2002
Location: Scotland
Posts: 3,486
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by sduckie2k5 View Post
Want to thank you first of all, have been running this for quite sometime and have enjoyed your work.

Secondly, I noticed today when upgrading to 2.2.8 besides the obvious reported bug that if I goto the directory where the downloads reside, I can access it and the index of the downloads publicly, is there anyway I can shut this down, in the event that someone finds out its location, i.e should I chmod it? If so, to what or what might I do that only registered users can gain access, thru the proper channels?

Thanks D*
Several points.

You can place all the LDM files outside the web server directories using the local_file_root and local_file_root_prefix settings. That will completely stop anyone being able to get at the files by guessing the location. This is explained in http://www.eirma.org/wikis/index.php...nd_Server_Load

In addition, you should block your web server from allowing production of directory listings when someone just enters the directory name. An easy way to do this is to put an empty index.html file in that directory. A better way is to tell the server not to provide directory listings. With Apache, you can also configure the server to prevent directory listings, using the Options commands within the httpd.conf file.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01057 seconds
  • Memory Usage 1,765KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_quote
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete