.htaccess security check feature with automatic repair upon login - amended

OpenXE 2022-12-08 11:15:24 +00:00
parent 87e941516e
commit e3b7634581
3 changed files with 79 additions and 66 deletions


@ -1,11 +1,18 @@
# Generated file from class.acl.php # Generated file from class.acl.php
# Disable directory browsing # For detection of htaccess functionality
Options -Indexes SetEnv OPENXE_HTACCESS on
# Disable directory browsing
Order deny,allow Options -Indexes
# Set default page to index.php
DirectoryIndex "index.php"
# Deny general access
Order deny,allow
<FilesMatch ".">
Order Allow,Deny
Deny from all Deny from all
</FilesMatch>
<Files "index.php"> # Allow index.php
<Files "index.php">
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all
</Files> </Files>
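Review bot: The access rules in this template rely on `Order`, `Deny from all` and `Allow from all`, which Apache 2.4 accepts only when mod_access_compat is loaded; without that module the server rejects the whole .htaccess and answers every request in the directory with an error, so the login-time repair cannot be reached either. Consider the 2.4 form, `Require all denied` inside `<FilesMatch ".">` and `Require all granted` inside `<Files "index.php">`, optionally guarded by `<IfModule mod_authz_core.c>`. The bare `Order deny,allow` before `<FilesMatch>` has no Allow or Deny attached and can be dropped. Any change here has to be mirrored in the first `$nominal` entry of CheckHtaccess(), because the file is regenerated from that string.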


@ -1219,35 +1219,39 @@ class Acl
// true if ok, else error text // true if ok, else error text
protected function CheckHtaccess() : mixed { protected function CheckHtaccess() : mixed {
$nominal = array( '# Generated file from class.acl.php $nominal = array('# Generated file from class.acl.php
# Disable directory browsing # For detection of htaccess functionality
Options -Indexes SetEnv OPENXE_HTACCESS on
# Disable directory browsing
Order deny,allow Options -Indexes
Deny from all # Set default page to index.php
DirectoryIndex "index.php"
<Files "index.php"> # Deny general access
Order Allow,Deny Order deny,allow
Allow from all <FilesMatch ".">
</Files>',
'# Generated file from class.acl.php
SetEnv OPENXE_HTACCESS on
# Disable directory browsing
Options -Indexes
Order deny,allow
Allow from all
<Files *.php>
Order Allow,Deny Order Allow,Deny
Deny from all Deny from all
</Files> </FilesMatch>
# Allow index.php
<Files index.php> <Files "index.php">
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all
</Files>'); </Files>',
'# Generated file from class.acl.php
# Disable directory browsing
Options -Indexes
# Deny access to all *.php
Order deny,allow
Allow from all
<Files *.php>
Order Allow,Deny
Deny from all
</Files>
# Allow access to index.php
<Files index.php>
Order Allow,Deny
Allow from all
</Files>');
$script_file_name = $_SERVER['SCRIPT_FILENAME']; $script_file_name = $_SERVER['SCRIPT_FILENAME'];
$htaccess_path = array( $htaccess_path = array(
@ -1255,22 +1259,27 @@ class Acl
dirname($script_file_name)."/.htaccess"); // www dirname($script_file_name)."/.htaccess"); // www
for ($count = 0;$count < 2;$count++) { for ($count = 0;$count < 2;$count++) {
$htaccess = file_get_contents($htaccess_path[$count]); $htaccess = file_get_contents($htaccess_path[$count]);
if ($htacess === false) {
return("FATAL: ".$htaccess_path[$count]." nicht gefunden");
}
$result = strcmp(trim($htaccess[$count]),trim($nominal[$count])); $result = strcmp(trim($htaccess[$count]),trim($nominal[$count]));
if ($result !== 0) {
$result = file_put_contents($htaccess_path[$count],$nominal[$count]); if (($result !== 0) || ($htaccess === false)) {
$result = file_put_contents($htaccess_path[$count],trim($nominal[$count]));
if ($result === false) { if ($result === false) {
return("FATAL: ".$htaccess_path[$count]." fehlerhaft");
if ($htaccess === false) {
return("FATAL: ".$htaccess_path[$count]." nicht vorhanden und kann nicht korrigiert werden.");
}
return("FATAL: ".$htaccess_path[$count]." fehlerhaft und kann nicht korrigiert werden.");
} }
} }
} }
if (!isset($_SERVER['OPENXE_HTACCESS'])) { if (!isset($_SERVER['OPENXE_HTACCESS'])) {
return("FATAL: htaccess nicht aktiv."); return("FATAL: htaccess nicht aktiv.");
} }
return(true); return(true);
// HTACCESS SECURITY END // HTACCESS SECURITY END
} }
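Review bot: In the loop of CheckHtaccess(), `strcmp(trim($htaccess[$count]),trim($nominal[$count]))` indexes the string returned by file_get_contents() with `$count`, so a single character of the file is compared with the whole expected text and the result can never be 0. As written, both .htaccess files are rewritten on every call, which makes a real modification of a file indistinguishable from the normal case. Compare the full content and handle the failed read first, e.g. `$result = ($htaccess === false) ? 1 : strcmp(trim($htaccess), trim($nominal[$count]));`. Since a mismatch in these files can indicate tampering, it would also help to write a log entry whenever a repair is performed instead of correcting silently. The first entry of `$htaccess_path` lies between the two hunks and is not visible here.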


@ -1,18 +1,15 @@
# Generated file from class.acl.php # Generated file from class.acl.php
SetEnv OPENXE_HTACCESS on # Disable directory browsing
Options -Indexes
# Disable directory browsing # Deny access to all *.php
Options -Indexes Order deny,allow
Allow from all
Order deny,allow <Files *.php>
Allow from all
<Files *.php>
Order Allow,Deny Order Allow,Deny
Deny from all Deny from all
</Files> </Files>
# Allow access to index.php
<Files index.php> <Files index.php>
Order Allow,Deny Order Allow,Deny
Allow from all Allow from all
</Files> </Files>
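Review bot: The `SetEnv OPENXE_HTACCESS on` marker is dropped from this template, while CheckHtaccess() in class.acl.php still returns "FATAL: htaccess nicht aktiv." when `$_SERVER['OPENXE_HTACCESS']` is unset. The marker is now set only by the other generated file, so a passing check shows that that file is honoured, not that the `<Files *.php>` deny in this one is applied. This file appears to be the one written to `dirname($script_file_name)."/.htaccess"`; if the web server does not evaluate the parent directory's .htaccess for requests served from there (this depends on the DocumentRoot and AllowOverride configuration, which the page does not show), the check would fail on every login. Keeping `SetEnv OPENXE_HTACCESS on` in this template and in the second `$nominal` entry would tie the check to the file that protects the served directory.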