This applies to the version of PHPlist that Fantastico installs for now as well, since it hasn't been updated.
Quote:
Hello all,
After the recent security update, here is a patch you can use on any of the previous versions to make your PHPlist installation secure for the problem that was discovered. This should work on all installations using Apache (1 or 2) webservers. It depends a little bit on the way your Apache is configured, and maybe you don't have the privileges to add these directives in an .htaccess file. In that case, please advise your ISP about this issue and ask them to set this up for you instead.
Create a file called .htaccess in your "admin" directory (including the full stop [Editor's note: That's UK speak for "period"] at the beginning). Add the text below (between --- and ---) to this file. This will make sure that no files can be accessed apart from the "index.php" file. I will add this to future distributions, but for now you can add it yourself to your existing installation and there will be no immediate need to upgrade to the latest release.
---
Code:
<FilesMatch "\.(php|inc)$">
Order allow,deny
deny from all
</FilesMatch>
<FilesMatch "index.php$">
Order allow,deny
allow from all
</FilesMatch>
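To check which files in an "admin" directory the quoted rules actually cover, here is an added example (not part of the quoted post or of PHPlist) that models the two FilesMatch sections in simplified form: each regex is searched, unanchored, against the file's basename, and a later matching section overrides an earlier one. The file names are constructed, and `TIGHTENED_RULES` is an assumption showing a stricter allow pattern for comparison.

```python
import re

# The two sections from the quoted .htaccess, in file order.
POSTED_RULES = [
    (r"\.(php|inc)$", "deny"),
    (r"index.php$", "allow"),
]

# Assumption, not from the post: the allow pattern anchored at both
# ends with the dot escaped, so only a file named exactly index.php matches.
TIGHTENED_RULES = [
    (r"\.(php|inc)$", "deny"),
    (r"^index\.php$", "allow"),
]

# Constructed sample names, not a listing of a real installation.
SAMPLE_FILES = [
    "index.php", "helper.php", "settings.inc",
    "oldindex.php", "index.php.bak", "notes.txt",
]


def verdict(basename, rules):
    """Return 'allow', 'deny', or 'inherit' when no section matches.

    'inherit' means this .htaccess says nothing about the file, so
    access is decided by the parent directory or server configuration.
    """
    result = "inherit"
    for pattern, action in rules:
        if re.search(pattern, basename):
            result = action  # last matching section wins
    return result


def audit(basenames, rules):
    """Map each basename to its verdict under the given rule list."""
    return {name: verdict(name, rules) for name in basenames}


if __name__ == "__main__":
    posted = audit(SAMPLE_FILES, POSTED_RULES)
    tightened = audit(SAMPLE_FILES, TIGHTENED_RULES)
    print(f"{'file':<16}{'posted':<10}tightened")
    for name in SAMPLE_FILES:
        print(f"{name:<16}{posted[name]:<10}{tightened[name]}")
```

Files reported as `inherit` (backup copies, text files) are not restricted by this .htaccess, so review them separately.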