Welcome to Geeklog, Anonymous Tuesday, October 04 2022 @ 06:18 am EDT

Geeklog Forums

What to with this warnings?


Status: offline

vas

Forum User
Newbie
Registered: 01/21/08
Posts: 9
Location:Chennai, India
blank
"public_html" should never be part of your site's URL. Please read the part about public_html in the installation instructions again and change your setup accordingly before you proceed.
Good! You seem to have removed the install directory already.
Your config.php is reachable from the web.
This is a security risk and should be fixed!
Your logs directory is reachable from the web.
This is a security risk and should be fixed!
Your plugins directory is reachable from the web.
This is a security risk and should be fixed!
Your system directory is reachable from the web.
This is a security risk and should be fixed!
Your backups directory is reachable from the web.
This is a security risk and should be fixed!
Your data directory is reachable from the web.
This is a security risk and should be fixed!
Good! You seem to have changed the default account password already.

Somebody please help :helpme:
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany

Status: offline

vas

Forum User
Newbie
Registered: 01/21/08
Posts: 9
Location:Chennai, India
I used http://yourgeeklogsite/admin/install/check.php while installing and found that I require to chmod all the required files to 777 otherwise it was showing not writable. Should I now change all of them back to 775? Thanks for your response. It is 0230 hrs in my place and will fall down with sleep, I will check your response in the morning. Thanks for the replies.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
If the tests fail with 775 or 755, you should leave them at 777 or Geeklog will not be able to write to these files/directories either.

Depending on the sort of hosting you have, you may need to change ownership of the files (to the webserver user) for more restrictive permissions. If you can't do that, you may have to leave them at 777. It's not a security issue per se - you would still need some other vulnerability to make use of a world-writable directory.

bye, Dirk
 Quote

All times are EDT. The time is now 06:18 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content