Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted September 7, 20168 yr Where is this managed in the admin center? I don't see an option for it under System -> Security.
September 7, 20168 yr If the option does not appear, then you have already enabled it. In that case you'd need to edit the .htaccess file in your ./uploads/ folder to apply the changes to the file manually.
September 7, 20168 yr I'll paste the info here for those who need it. This is taken from the update notice in the ACP, prior to upgrade: "If you have already enabled the security feature "Protect Writeable Folders From Dangerous Files", then you will need to manually update the .htaccess file which you can do simply by opening "uploads/.htaccess" in a text editor and replacing its contents with:" #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection>
September 7, 20168 yr Author Hmm, not seeing an .htaccess in /p15d24ph_forum/uploads/logs/ Only one I see is in the actual forum directory and it doesn't have any #<ip-protection> entries.
September 7, 20168 yr Author Mark, is the ip protection code snippet the only entry in the uploads/logs .htaccess file?
September 7, 20168 yr Im using this with nginx: location ~ ^/uploads/.*\.(?:php\d*|phtml)$ { deny all; } @Mark H should i change it to? location ~ ^/uploads/.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$ { deny all; }
September 7, 20168 yr Yes just add the new extensions for above you, htaccess in /uploads/ applies to folders under /uploads also
September 7, 20168 yr 1 hour ago, P15-D24 said: Hmm, not seeing an .htaccess in /p15d24ph_forum/uploads/logs/ Only one I see is in the actual forum directory and it doesn't have any #<ip-protection> entries. I made a typo in my post, which I corrected. The correct path is simply ./uploads/
September 7, 20168 yr @Mark H Can I safely use the rules @RevengeFNF posted above for nginx? Or does it need any adjustment? Many thanks, as we also use ngninx here.
September 7, 20168 yr I don't use nginx so I don't know, unfortunately. I'll let someone else answer that.
September 7, 20168 yr I updated manually. Can that annoying red block that tells me to upgrade, (which is impossible at the moment as you guys are doing maintenance at your end) please be made dismissible on the forum side?
September 7, 20168 yr 55 minutes ago, riko said: I updated manually. Can that annoying red block that tells me to upgrade, (which is impossible at the moment as you guys are doing maintenance at your end) please be made dismissible on the forum side? If you have updated to the last version, the red block isn't there. Which version are you on ?
September 7, 20168 yr Hi guys, i have the same problem (from Italy http://audinside.it) 1 hour ago, R-023 said: which is impossible at the moment as you guys are doing maintenance at your end) please be made dismissible on the forum side? is possible have the istructions for resolve this problem? Thanks Giuseppe
September 7, 20168 yr What problem? Wait until tomorrow and then do the ACP upgrade. You can’t stand the upgrade warning for a day?
September 7, 20168 yr 17 minutes ago, josdoss said: which is impossible at the moment as you guys are doing maintenance at your end) please be made dismissible on the forum side? Quote are not my words. But hiding the red block, it is not possible by system default. You have to edit / add something manual but this is not supported by ips. Also what this is, is not allowed to discuss this here on ips. If you guys have a little patience, the maintenance from the client area is almost ready regarding the time schedule, after that you can update normally and all your problems disappear!!
September 7, 20168 yr @opentype of course is possible for me waiting; don't have urgency, it was just to understand @R-023 Thanks for your reply OK I'll wait
September 9, 20168 yr Quote Protect Writeable Folders From Dangerous Files Where in the admin CP would I find this setting?
September 9, 20168 yr hello newbie question if i updated the .htaccess manually then i dont have to run this upgrade at all ? cause i ran the upgrade, it says it downloaded the files but when trying to continue the upgrade it says "file not found"
Archived
This topic is now archived and is closed to further replies.