johnnybebad Posted May 16, 2009 Share Posted May 16, 2009 Okay I am about to do the security installs tomorrow 17th May 2009. So I should install them all, then how do I know if they are working or hindering genuine processes? How do I check the security options are correctly installed and working? Thanks Johnny Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
spooks Posted May 16, 2009 Author Share Posted May 16, 2009 some tests are already detailed in this thread, for others look at the relavent contrib docs & support thread. Clearly it would not make sense to put a list of tests here, as you would be creating a list on how to hack osC, which would be a very bad idea for all those without these!! If you search the net u should find some. :) Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
johnnybebad Posted May 17, 2009 Share Posted May 17, 2009 Hi, I have only installed site monitor, httaccess I have already with some of the issues ressolved. The problem with the rest is brief suggestion of the problems that could occur, and whilst I need to protect my site, I need to fully understand what the implications/ problems installing some of these security scripts are. Thanks Johnny Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted May 17, 2009 Share Posted May 17, 2009 Have you read the contribution descriptions and documentation that comes with each one? Whilst it is wise not to just sling anything onto your site if you want to "fully understand" I would suggest you go on a few web security courses or spend a few hours at least googleing some of the key terms in the documentation. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
joyces Posted May 30, 2009 Share Posted May 30, 2009 I might have missed the boat here as I've noticed no one has posted for a few weeks but if anyone is still out there can you help? I have installed SecurityPro and IP Trap. Have checked every folder and file for permissions. When I try the htaccess add on I just get "Internal Server Error, this is an error with your script, check your error log for more information." I have read all posts but all I can find is a reply that suggests you start removing parts of it from the bottom up. Unfortunately I ended up removing all of it before it work. It must be the way I'm putting it on. Can anyone help please? Cheers Andrea Link to comment Share on other sites More sharing options...
joyces Posted May 30, 2009 Share Posted May 30, 2009 I might have missed the boat here as I've noticed no one has posted for a few weeks but if anyone is still out there can you help? I have installed SecurityPro and IP Trap. Have checked every folder and file for permissions. When I try the htaccess add on I just get "Internal Server Error, this is an error with your script, check your error log for more information." I have read all posts but all I can find is a reply that suggests you start removing parts of it from the bottom up. Unfortunately I ended up removing all of it before it work. It must be the way I'm putting it on. Can anyone help please? Cheers Andrea Had another go "Trial and Error" the 2 sections which throw up the internal server error are the first and last options ie: # Deny domain access to spammers and other scumbags RewriteEngine on php_flag register_globals off SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots Deny from env=block_bad_bots and FORCE TYPE <Files site> ForceType application/x-httpd-php </Files> Has anyone any idea what I need to do to make these 2 work. I don't know what "Force Type" is all about but i fancy the "Deny domain access to spammers and other scumbags" bit. I know it's sunny and everyone, quite rightly, is in the garden but any help would be appreciated Cheers Andrea Link to comment Share on other sites More sharing options...
Chris34 Posted June 24, 2009 Share Posted June 24, 2009 Sam, thank you for the wonderful post. I have installed security pro, and then moved onto Ip Trap. I have followed the instructions and I have tested it but all that happens when I type in mywebsite/catalog/personal is that it comes up with the browser error message of http 404 not found. Does anyone have any suggestions as to why it isn't working? One thing I was confused about during the installation is that there was 2 robot.txt files. I have put one in the catalog folder and the other one in the root, is this right? Any help is much appreciated, I'm sure my brains going to explode before the days out, lol Chris. Link to comment Share on other sites More sharing options...
Chris34 Posted June 24, 2009 Share Posted June 24, 2009 Right, still got the problem with ip trap and now have another problem. I have installed site monitor and once I configured it in the admin I clicked update and this error message came up 'Cannot change the mode of file (/var/www/vhosts/mywebsite/httpdocs/catalog/admin/sitemonitor_configure.php)' Anybody got any idea's, Chris. (brain cannot take much more of a hammering,lol) Link to comment Share on other sites More sharing options...
spooks Posted June 24, 2009 Author Share Posted June 24, 2009 have u added the htaccess file? Best to post in the contib support thread Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
spooks Posted June 24, 2009 Author Share Posted June 24, 2009 s b4 post in the contib support thread Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Chris34 Posted June 24, 2009 Share Posted June 24, 2009 Still got the first 2 problems and now I am having trouble with the ht.access contribution. I take it you just copy and paste all the scripts straight into the ht.access file and only adding my website address where required (if I am wrong then please correct me). However I have had a look at the folders and I have got 2 ht.access files, 1 in the admin folder and 1 in the catalog folder. Which file should I put these scripts in? Chris Link to comment Share on other sites More sharing options...
spooks Posted June 25, 2009 Author Share Posted June 25, 2009 place it in the root, then it will apply to all sub-folders, if you then have sub-folders with their own files, those rules will apply to them also. take care when creating, u may create syntax errors by mistake, I use word pad & save in text mode Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Chris34 Posted June 26, 2009 Share Posted June 26, 2009 Hi Sam, thank you for your reply, I have done what you said and now when I try and bring up the website I recieve this message in the browser 'Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, my-email-address and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.' Has anyone got any idea's as to what this could be? I placed it in the root of the catalog folder and that didn't work so I tried it in the root of httpdocs and that didn't work either. Cheers, Chris. Link to comment Share on other sites More sharing options...
spooks Posted June 26, 2009 Author Share Posted June 26, 2009 the file goes in public_html, thats your root!! your error means you have an error in the file, as I said take care!! empty the file & add everything back in sections, see when the error comes back Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Chris34 Posted June 26, 2009 Share Posted June 26, 2009 I have not got a public.html file but I have got a pub folder and I found another ht.access file, I altered that one and it didn't work. I then remove all what I had changed and that didn't work. I have now been waiting for 10 minutes after trying to restore the database and that doesn't seem to be working. Maybe it's a server error? I am not having any luck at the moment, I can't get any of the suggested security measures to work and it's now 3 long days I've spent trying to get some sort of security. I'll try again tomorrow and hope that the server soughts itself out. Chris. Link to comment Share on other sites More sharing options...
Chris34 Posted June 27, 2009 Share Posted June 27, 2009 Right I've managed to put the scripts into the file and the website works but I had to leave 3 of the scripts out. The 3 scripts were: 1) The images script 2) Ban Turkey 3) The very last script Is there a way of testing the site to see if these scripts have worked? Thanks, Chris. Link to comment Share on other sites More sharing options...
spooks Posted June 27, 2009 Author Share Posted June 27, 2009 there is plenty on the net http://corz.org/serv/tricks/htaccess2.php is a good resource Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
Chris34 Posted June 28, 2009 Share Posted June 28, 2009 Hi Sam, thanks for the link, that info is very useful. I have now installed iptrap, security pro and the htaccess scripts and they seem to be ok, I like the trap by the way : ) The problem I am having now is with site monitor. I have installed it and configured it but when I click the top button it comes up with this message 'Reference file creation failed.' , does anyone know why this is so? Cheers, Chris. Link to comment Share on other sites More sharing options...
tomstar Posted June 30, 2009 Share Posted June 30, 2009 I've installed my shop with installatron. There's a .htaccess in the root. Is my site automaticaly secured with htaccess or isn't? this is the site www.bestelmondkapjes.nl Link to comment Share on other sites More sharing options...
Guest Posted June 30, 2009 Share Posted June 30, 2009 Hi Sam, thanks for the link, that info is very useful. I have now installed iptrap, security pro and the htaccess scripts and they seem to be ok, I like the trap by the way : ) The problem I am having now is with site monitor. I have installed it and configured it but when I click the top button it comes up with this message 'Reference file creation failed.' , does anyone know why this is so? Cheers, Chris. The reference file has to be writeable. Link to comment Share on other sites More sharing options...
spooks Posted June 30, 2009 Author Share Posted June 30, 2009 I've installed my shop with installatron.There's a .htaccess in the root. Is my site automaticaly secured with htaccess or isn't? this is the site www.bestelmondkapjes.nl no, u must add the relavent scripts Sam Remember, What you think I ment may not be what I thought I ment when I said it. Contributions: Auto Backup your Database, Easy way Multi Images with Fancy Pop-ups, Easy way Products in columns with multi buy etc etc Disable any Category or Product, Easy way Secure & Improve your account pages et al. Link to comment Share on other sites More sharing options...
tomstar Posted July 1, 2009 Share Posted July 1, 2009 The reference file has to be writeable. i've got the same problem, but I cant find a reference file. Where can I find it ? Link to comment Share on other sites More sharing options...
mhsuffolk Posted July 1, 2009 Share Posted July 1, 2009 The reference file is catalog/admin/sitemonitor_reference.php If it is not there try creating an empty file of that name and putting it in catalog/admin and running the top option in the site monitor admin area again Martin Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions. Link to comment Share on other sites More sharing options...
tomstar Posted July 1, 2009 Share Posted July 1, 2009 The reference file is catalog/admin/sitemonitor_reference.php If it is not there try creating an empty file of that name and putting it in catalog/admin and running the top option in the site monitor admin area again Martin done, but it's still not working :( Link to comment Share on other sites More sharing options...
mhsuffolk Posted July 1, 2009 Share Posted July 1, 2009 I presume it is at 644 Live shop Phoenix 1.0.8.4 on PHP 7.4 Working my way up the versions. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.