s.probst/OpenXE
1
0
Fork 0
mirror of https://github.com/OpenXE-org/OpenXE.git synced 2024-11-14 20:17:14 +01:00
Code Issues Projects Releases Wiki Activity

.htaccess security check feature with automatic repair upon login - amended

Browse Source
This commit is contained in:
OpenXE 2022-12-08 11:15:24 +00:00
parent 87e941516e
commit e3b7634581
3 changed files with 79 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.htaccess
View File

@ -1,10 +1,17 @@
# Generated file from class.acl.php # Generated file from class.acl.php
# For detection of htaccess functionality
SetEnv OPENXE_HTACCESS on
# Disable directory browsing # Disable directory browsing
Options -Indexes Options -Indexes
# Set default page to index.php
DirectoryIndex "index.php"
# Deny general access
Order deny,allow Order deny,allow
<FilesMatch ".">
Order Allow,Deny
Deny from all Deny from all
</FilesMatch>
# Allow index.php
<Files "index.php"> <Files "index.php">
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all

35
phpwf/plugins/class.acl.php
View File

@ -1220,30 +1220,34 @@ class Acl
protected function CheckHtaccess() : mixed { protected function CheckHtaccess() : mixed {
$nominal = array('# Generated file from class.acl.php $nominal = array('# Generated file from class.acl.php
# For detection of htaccess functionality
SetEnv OPENXE_HTACCESS on
# Disable directory browsing # Disable directory browsing
Options -Indexes Options -Indexes
# Set default page to index.php
DirectoryIndex "index.php"
# Deny general access
Order deny,allow Order deny,allow
<FilesMatch ".">
Order Allow,Deny
Deny from all Deny from all
</FilesMatch>
# Allow index.php
<Files "index.php"> <Files "index.php">
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all
</Files>', </Files>',
'# Generated file from class.acl.php '# Generated file from class.acl.php
SetEnv OPENXE_HTACCESS on
# Disable directory browsing # Disable directory browsing
Options -Indexes Options -Indexes
# Deny access to all *.php
Order deny,allow Order deny,allow
Allow from all Allow from all
<Files *.php> <Files *.php>
Order Allow,Deny Order Allow,Deny
Deny from all Deny from all
</Files> </Files>
# Allow access to index.php
<Files index.php> <Files index.php>
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all
@ -1255,22 +1259,27 @@ class Acl
dirname($script_file_name)."/.htaccess"); // www dirname($script_file_name)."/.htaccess"); // www
for ($count = 0;$count < 2;$count++) { for ($count = 0;$count < 2;$count++) {
$htaccess = file_get_contents($htaccess_path[$count]); $htaccess = file_get_contents($htaccess_path[$count]);
if ($htacess === false) {
return("FATAL: ".$htaccess_path[$count]." nicht gefunden");
}
$result = strcmp(trim($htaccess[$count]),trim($nominal[$count])); $result = strcmp(trim($htaccess[$count]),trim($nominal[$count]));
if ($result !== 0) {
$result = file_put_contents($htaccess_path[$count],$nominal[$count]); if (($result !== 0) || ($htaccess === false)) {
$result = file_put_contents($htaccess_path[$count],trim($nominal[$count]));
if ($result === false) { if ($result === false) {
return("FATAL: ".$htaccess_path[$count]." fehlerhaft");
if ($htaccess === false) {
return("FATAL: ".$htaccess_path[$count]." nicht vorhanden und kann nicht korrigiert werden.");
}
return("FATAL: ".$htaccess_path[$count]." fehlerhaft und kann nicht korrigiert werden.");
} }
} }
} }
if (!isset($_SERVER['OPENXE_HTACCESS'])) { if (!isset($_SERVER['OPENXE_HTACCESS'])) {
return("FATAL: htaccess nicht aktiv."); return("FATAL: htaccess nicht aktiv.");
} }
return(true); return(true);
// HTACCESS SECURITY END // HTACCESS SECURITY END
} }

7
www/.htaccess
View File

@ -1,17 +1,14 @@
# Generated file from class.acl.php # Generated file from class.acl.php
SetEnv OPENXE_HTACCESS on
# Disable directory browsing # Disable directory browsing
Options -Indexes Options -Indexes
# Deny access to all *.php
Order deny,allow Order deny,allow
Allow from all Allow from all
<Files *.php> <Files *.php>
Order Allow,Deny Order Allow,Deny
Deny from all Deny from all
</Files> </Files>
# Allow access to index.php
<Files index.php> <Files index.php>
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all