mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-11-14 20:17:14 +01:00
.htaccess security check feature with automatic repair upon login - amended
This commit is contained in:
OpenXE
parent
87e941516e
commit
e3b7634581
27
.htaccess
27
.htaccess
@ -1,11 +1,18 @@
|
|||||||
# Generated file from class.acl.php
|
# Generated file from class.acl.php
|
||||||
# Disable directory browsing
|
# For detection of htaccess functionality
|
||||||
Options -Indexes
|
SetEnv OPENXE_HTACCESS on
|
||||||
|
# Disable directory browsing
|
||||||
Order deny,allow
|
Options -Indexes
|
||||||
Deny from all
|
# Set default page to index.php
|
||||||
|
DirectoryIndex "index.php"
|
||||||
<Files "index.php">
|
# Deny general access
|
||||||
Order Allow,Deny
|
Order deny,allow
|
||||||
Allow from all
|
<FilesMatch ".">
|
||||||
</Files>
|
Order Allow,Deny
|
||||||
|
Deny from all
|
||||||
|
</FilesMatch>
|
||||||
|
# Allow index.php
|
||||||
|
<Files "index.php">
|
||||||
|
Order Allow,Deny
|
||||||
|
Allow from all
|
||||||
|
</Files>
|
||||||
@ -1214,40 +1214,44 @@ class Acl
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// HTACCESS SECURITY
|
// HTACCESS SECURITY
|
||||||
// Check for correct .htaccess settings
|
// Check for correct .htaccess settings
|
||||||
// true if ok, else error text
|
// true if ok, else error text
|
||||||
protected function CheckHtaccess() : mixed {
|
protected function CheckHtaccess() : mixed {
|
||||||
|
|
||||||
$nominal = array( '# Generated file from class.acl.php
|
$nominal = array('# Generated file from class.acl.php
|
||||||
# Disable directory browsing
|
# For detection of htaccess functionality
|
||||||
Options -Indexes
|
SetEnv OPENXE_HTACCESS on
|
||||||
|
# Disable directory browsing
|
||||||
Order deny,allow
|
Options -Indexes
|
||||||
Deny from all
|
# Set default page to index.php
|
||||||
|
DirectoryIndex "index.php"
|
||||||
<Files "index.php">
|
# Deny general access
|
||||||
Order Allow,Deny
|
Order deny,allow
|
||||||
Allow from all
|
<FilesMatch ".">
|
||||||
</Files>',
|
Order Allow,Deny
|
||||||
'# Generated file from class.acl.php
|
Deny from all
|
||||||
SetEnv OPENXE_HTACCESS on
|
</FilesMatch>
|
||||||
|
# Allow index.php
|
||||||
# Disable directory browsing
|
<Files "index.php">
|
||||||
Options -Indexes
|
Order Allow,Deny
|
||||||
|
Allow from all
|
||||||
Order deny,allow
|
</Files>',
|
||||||
Allow from all
|
'# Generated file from class.acl.php
|
||||||
|
# Disable directory browsing
|
||||||
<Files *.php>
|
Options -Indexes
|
||||||
Order Allow,Deny
|
# Deny access to all *.php
|
||||||
Deny from all
|
Order deny,allow
|
||||||
</Files>
|
Allow from all
|
||||||
|
<Files *.php>
|
||||||
<Files index.php>
|
Order Allow,Deny
|
||||||
Order Allow,Deny
|
Deny from all
|
||||||
Allow from all
|
</Files>
|
||||||
</Files>');
|
# Allow access to index.php
|
||||||
|
<Files index.php>
|
||||||
|
Order Allow,Deny
|
||||||
|
Allow from all
|
||||||
|
</Files>');
|
||||||
|
|
||||||
$script_file_name = $_SERVER['SCRIPT_FILENAME'];
|
$script_file_name = $_SERVER['SCRIPT_FILENAME'];
|
||||||
$htaccess_path = array(
|
$htaccess_path = array(
|
||||||
@ -1255,24 +1259,29 @@ class Acl
|
|||||||
dirname($script_file_name)."/.htaccess"); // www
|
dirname($script_file_name)."/.htaccess"); // www
|
||||||
|
|
||||||
for ($count = 0;$count < 2;$count++) {
|
for ($count = 0;$count < 2;$count++) {
|
||||||
$htaccess = file_get_contents($htaccess_path[$count]);
|
|
||||||
if ($htacess === false) {
|
|
||||||
return("FATAL: ".$htaccess_path[$count]." nicht gefunden");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
$htaccess = file_get_contents($htaccess_path[$count]);
|
||||||
|
|
||||||
$result = strcmp(trim($htaccess[$count]),trim($nominal[$count]));
|
$result = strcmp(trim($htaccess[$count]),trim($nominal[$count]));
|
||||||
if ($result !== 0) {
|
|
||||||
$result = file_put_contents($htaccess_path[$count],$nominal[$count]);
|
if (($result !== 0) || ($htaccess === false)) {
|
||||||
|
$result = file_put_contents($htaccess_path[$count],trim($nominal[$count]));
|
||||||
if ($result === false) {
|
if ($result === false) {
|
||||||
return("FATAL: ".$htaccess_path[$count]." fehlerhaft");
|
|
||||||
|
if ($htaccess === false) {
|
||||||
|
return("FATAL: ".$htaccess_path[$count]." nicht vorhanden und kann nicht korrigiert werden.");
|
||||||
|
}
|
||||||
|
return("FATAL: ".$htaccess_path[$count]." fehlerhaft und kann nicht korrigiert werden.");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($_SERVER['OPENXE_HTACCESS'])) {
|
if (!isset($_SERVER['OPENXE_HTACCESS'])) {
|
||||||
return("FATAL: htaccess nicht aktiv.");
|
return("FATAL: htaccess nicht aktiv.");
|
||||||
}
|
}
|
||||||
|
|
||||||
return(true);
|
return(true);
|
||||||
// HTACCESS SECURITY END
|
// HTACCESS SECURITY END
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,18 +1,15 @@
|
|||||||
# Generated file from class.acl.php
|
# Generated file from class.acl.php
|
||||||
SetEnv OPENXE_HTACCESS on
|
# Disable directory browsing
|
||||||
|
Options -Indexes
|
||||||
# Disable directory browsing
|
# Deny access to all *.php
|
||||||
Options -Indexes
|
Order deny,allow
|
||||||
|
Allow from all
|
||||||
Order deny,allow
|
<Files *.php>
|
||||||
Allow from all
|
Order Allow,Deny
|
||||||
|
Deny from all
|
||||||
<Files *.php>
|
</Files>
|
||||||
Order Allow,Deny
|
# Allow access to index.php
|
||||||
Deny from all
|
<Files index.php>
|
||||||
</Files>
|
Order Allow,Deny
|
||||||
|
Allow from all
|
||||||
<Files index.php>
|
</Files>
|
||||||
Order Allow,Deny
|
|
||||||
Allow from all
|
|
||||||
</Files>
|
|
||||||
Loading…
Reference in New Issue
Block a user