Announcement

Collapse
No announcement yet.

The GDPR

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #61
    Laura, Andrew - that's interesting.
    OrderScript debugging is considered in Sellerdeck desktop GDPR Recommendations and I implemented the recommendations given.
    However, after your earlier post I checked our site again and found that the error messages were starting to appear again.
    I compared our Site1 files with the URL cgi-bin files and found that the OrderScript.pl was dated 2009 and had not been updated with the later OrderScript.pl dated 03/11/2016 (unchanged after Notepad++ update) so I FTP'd the updated file over separately.
    Since doing this the file can still be accessed with the following error listed:

    Program = ORDERSCR, Program version = 43542 , HTTP Server = Apache , Return code = 999, Date and Time = 2018/05/10 13:58, Internal Errors = Error returned from SMTP server (4: https://www.spamhaus.org/query/ip/81.171.239.188)
    Do not know what this means!

    SD recommend that OrderScript debugging should only be enabled for a specific purpose and then disabled and the error file deleted afterwards.

    I also compared other *.pl file dates and found similar discreprancies for mailscript.pl, MergeDiff.pl, nph-download.pl, PerlScript.pl, referrer.pl, SearchHighlight.pl, SearchScript.pl files and various *.pm files which is surprising as the Actinic/SD version and site has been updated/refreshed many times since 2009.

    Andrew, SD - Should the most recent versions of these files also be FTP'd over?
    Last edited by Mantra; 10-May-2018, 03:41 PM. Reason: minor change
    Martin
    Mantra Audio

    Comment


      #62
      Firstly, the smtp error.....

      It is saying that Spamhaus has identified your SMTP server as being infected with a botnet so it unlikely that your email will be sent or delivered.

      See https://www.abuseat.org/lookup.cgi?ip=81.171.239.188

      Who is the host?
      Elysium:Online - Official Accredited SellerDeck Partner
      SellerDeck Design, Build, Hosting & Promotion
      Based in rural Northants

      Comment


        #63
        Don't FTP script files over. Let SD do that.

        What version of SD are you running?

        You can go into Help > Troubleshooting and then run Compare Perl Scripts - this compare your scripts against the original scripts for your version
        Elysium:Online - Official Accredited SellerDeck Partner
        SellerDeck Design, Build, Hosting & Promotion
        Based in rural Northants

        Comment


          #64
          Originally posted by Goz View Post
          Firstly, the smtp error.....

          It is saying that Spamhaus has identified your SMTP server as being infected with a botnet so it unlikely that your email will be sent or delivered.

          See https://www.abuseat.org/lookup.cgi?ip=81.171.239.188

          Who is the host?
          Host is Claranet.

          There are some more appearing today:

          Program = SHOPCART, Program version = 39310 , HTTP Server = Apache , Return code = 999 , Date and Time = 2018/05/11 00:01, Internal Errors = There is no valid input parameters for the script! Check the referencing HTML code!
          Program = SearchSc, Program version = 41529 , HTTP Server = Apache , Return code = 999 , Date and Time = 2018/05/11 06:17, Internal Errors = The requested file (Miscellaneous.html) is outside the scope of the script. If you believe the requested page should be served please contact the site operator.
          Martin
          Mantra Audio

          Comment


            #65
            Originally posted by Goz View Post
            Don't FTP script files over. Let SD do that.

            What version of SD are you running?
            Thanks, Andrew

            Version 16.0.3 RBUC

            You can go into Help > Troubleshooting and then run Compare Perl Scripts - this compare your scripts against the original scripts for your version
            Only 1 Perl Script listed as having been changed compared to sellerdeck originals:

            MailForm.pl - change for reCAPTCHA v2 update.

            I did a complete refresh (digital files and changed file boxes unticked) of the website this morning but this has made no difference to the script file date descrepancies - see screenshot attached.

            I will raise a ticket with SD support.

            Martin
            Attached Files
            Martin
            Mantra Audio

            Comment


              #66
              OrderScript.pl, PerlScript.pl, Search.pm should not be on your server. They should only be in your Site1 folder on your PC.

              When performing an upload, SellerDeck generates the scripts it needs from the scripts in the Site1 folder.

              You can identify those scripts in your cgi-bin by virtue of the fact they have the script number in the filename e.g. sa000001.pm, os000001.pl etc. (although there are a couple of exceptions such as DigestSHAPurePerl.pm and JSONPP.pm but that would be dependent on which which version of SD you are using)

              I would delete everything in the cgi-bin and then perform a website refresh. (Or, if you are ultra-cautious, backup the cgi-bin first)
              Elysium:Online - Official Accredited SellerDeck Partner
              SellerDeck Design, Build, Hosting & Promotion
              Based in rural Northants

              Comment


                #67
                Originally posted by Goz View Post
                It is saying that Spamhaus has identified your SMTP server as being infected with a botnet so it unlikely that your email will be sent or delivered.

                See https://www.abuseat.org/lookup.cgi?ip=81.171.239.188
                Thank you Andrew, I have reported this and raised a ticket with Claranet UK abuse team to investigate.

                Martin
                Martin
                Mantra Audio

                Comment


                  #68
                  Originally posted by Goz View Post
                  OrderScript.pl, PerlScript.pl, Search.pm should not be on your server. They should only be in your Site1 folder on your PC.

                  When performing an upload, SellerDeck generates the scripts it needs from the scripts in the Site1 folder.

                  You can identify those scripts in your cgi-bin by virtue of the fact they have the script number in the filename e.g. sa000001.pm, os000001.pl etc. (although there are a couple of exceptions such as DigestSHAPurePerl.pm and JSONPP.pm but that would be dependent on which which version of SD you are using)

                  I would delete everything in the cgi-bin and then perform a website refresh. (Or, if you are ultra-cautious, backup the cgi-bin first)
                  Andrew

                  The files identified must have been old legacy files residing in the site cgi-bin folder.

                  I took a backup just in case and deleted all files with *name .pl, .pm prefixes except the 2 files you mention leaving all files with script number in the filename and uploaded the site.

                  I will leave the complete clear out and site refresh for later as this takes an age and needs to be done at a quiet time when orders are not being generated - very early morning.

                  Thank you for your support and advice.

                  Martin
                  Mantra Audio
                  Martin
                  Mantra Audio

                  Comment


                    #69
                    Apologies, my earlier htaccess attempt didn't work, this one seems to:

                    Code:
                    <FilesMatch "\.(fil|session|authorise|mail)$">
                    	Order Allow,Deny
                    	Deny from all
                    </FilesMatch>
                    Without htaccess in the acatalog folder:

                    http://www.graphicz.solutions/gdprcs...log/prompt.fil

                    With the htaccess in the acatalog flder:

                    http://www.graphicz.solutions/gdpr/acatalog/prompt.fil
                    Jonathan Chappell
                    Website Designer
                    SellerDeck Website Designer
                    Actinic to SellerDeck upgrades
                    Graphicz Limited - www.graphicz.co.uk

                    Comment


                      #70
                      Originally posted by brucet View Post
                      We will ensure that users of our software and services can comply with them, and we will advise on any configuration changes that are necessary.
                      Hi Bruce... not quite true. Sellerdeck have just told me they will NOT supply me with the GDPR advice document as I do not currently subscribe to Sellerdeck cover. I am a long standing user of Sellerdeck/Actinic for over 10 years. I cancelled my Cover contract because frankly I didn't think the support I got from it was good enough. This kind of mean spirited customer relations is very disappointing.

                      Arka Tribal Jewellery

                      Comment


                        #71
                        Lat night I made a post on the forum regarding conflicting advice being given by Sellerdeck and Phil Rothwell regarding the 'soft opt in'. This morning the post has been deleted. I can email you the links if you contact me. Looks like Sellerdeck do not want an open and transparent discussion about it.

                        Arka Tribal Jewellery

                        Comment


                          #72
                          How do we contact you Mark? Your profile doesn't have any details.
                          Elysium:Online - Official Accredited SellerDeck Partner
                          SellerDeck Design, Build, Hosting & Promotion
                          Based in rural Northants

                          Comment


                            #73
                            Hi Andy, I'll email you. My email is mark@ my domain name. Cheers

                            The new forum doesn't seem to allow sending private messages!
                            Arka Tribal Jewellery

                            Comment


                              #74
                              On Page two I talked about getting explicit consent before the checkout sequence.

                              I subsequently suggested putting the Ts and Cs at the top of the sequence as this needs to be ticked for the sequence to progress.

                              HOWEVER - a problem has arisen in that with the Ts and Cs on Checkout 0, when the customer logs in this is bypassed and they cannot proceed as they keep getting warnings that they have not ticked the Ts and Cs.

                              SOLUTION - Undo what I suggested earlier (!)

                              Add this above <Actinic:ADDRESSES TYPE=INVOICEFORM> around line 80 Both Addresses Address Fields RWD

                              Code:
                              <Actinic:NOTINB2B><actinic:variable value="Terms and Conditions Agreed RWD" name="CheckoutArea" if="%3cactinic%3avariable%20name%3d%22TermsAgreementRequired%22%20%2f%3e" />    
                                              <div class="checkout">
                                          <actinic:variable value="Keep Details Private RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt015Visible%22%20%2f%3e" /><br class="clearfloat" />
                                               <h2>&nbsp;</h2><br class="clearfloat" /></div></Actinic:NOTINB2B>
                              Add this between </Actinic:NOTINB2B> line 60 and </div><!-- end of Existing Customer and New Customer fields -->

                              Code:
                              <Actinic:ONLYINB2B><actinic:variable value="Terms and Conditions Agreed RWD" name="CheckoutArea" if="%3cactinic%3avariable%20name%3d%22TermsAgreementRequired%22%20%2f%3e" />    
                                              <div class="checkout">
                                          <actinic:variable value="Keep Details Private RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt015Visible%22%20%2f%3e" /><br class="clearfloat" />
                                               <h2>&nbsp;</h2><br class="clearfloat" /></div></Actinic:ONLYINB2B>
                              The Terms and Conditions agreed layout is modified to look like this:

                              Code:
                              <input type="hidden" name="ActCheckoutPhase" value="TANDC">
                              <Actinic:TANDC>
                              <div class="checkout">
                                  <h2><!--<Actinic:Variable Name="TermsLabel"/>--> Consent to collecting your data for order processing.</h2>
                                  <div class="checkout-field-label">
                                      &nbsp;
                                  </div>
                                  <label class="invoicePrivacy" for="idAGREETERMSCONDITIONS">To process and deliver your order we need to collect your name, address, email address and telephone number. Please tick here to consent to us doing this. You are also accepting our terms and conditions. If the box is unticked we will not be able to process your order. <a href="info.html"><em>Terms &amp;Privacy</em></a> *</label>
                                  <input type="checkbox" id="idAGREETERMSCONDITIONS" name="AGREETERMSCONDITIONS" value="NO" <Actinic:Variable Name="InvoiceAgreeTermsAndCondition"/> style="checkbox" />
                                  <actinic:variable value="Terms and Conditions Agreed Popup Link RWD" name="CheckoutArea" />
                              </div>
                              </Actinic:TANDC>
                              Here is the whole modified Both Addresses Address Fields RWD

                              Code:
                              NETQUOTEDEL:INVOICEPHASE
                              
                              <!-- XML tags for formatting of the address list in B2B mode -->
                              <Actinic:VAR NAME=ADDRESS_COLUMNS VALUE=3/>
                              <Actinic:VAR NAME=ADDRESS_FORM0 VALUE="
                                  <input type=hidden name=%sADDRESSSELECT value=%s>
                                  <p><strong>%s</strong><br />%s,<br />%s,<br />%s,<br />%s, <strong>%s</strong>,<br /><strong>%s</strong></p>
                              "/>
                              <Actinic:VAR NAME=ADDRESS_FORM1 VALUE="
                                  <p><u><strong>%s:</strong></u></p>
                                  <input type=radio name=%sADDRESSSELECT value=%s%s onclick='SetAccountAddressVisibility();'>
                                  <p><strong>%s</strong><br />%s,<br />%s,<br />%s,<br />%s, <strong>%s</strong>,<br /><strong>%s</strong>
                              "/> 
                              <Actinic:VAR NAME=ADDRESS_FORM2 VALUE="
                                  <p><u><strong>%s:</strong></u></p>
                                  <input type=radio name=%sADDRESSSELECT value=%s%s onclick='SetAccountAddressVisibility();'>
                                  <p><strong>%s</strong><br />%s,<br />%s,<br />%s,<br />%s, <strong>%s</strong>,<br /><strong>%s</strong></p>
                              "/> 
                              <Actinic:VAR NAME=ADDRESS_TITLE0 VALUE=""/> <Actinic:VAR NAME=ADDRESS_TITLE1 VALUE="%s:"/>
                              <Actinic:VAR NAME=ADDRESS_TITLE2 VALUE="%s:"/> <Actinic:VAR NAME=ADDRESS_TITLE10 VALUE=""/>
                              <Actinic:VAR NAME=ADDRESS_TITLE11 VALUE=""/> <Actinic:VAR NAME=ADDRESS_TITLE12 VALUE="
                                  <p><u><strong>%s:</strong></u></p>
                                  <input type=radio id=id%sADDRESSSELECT_0 name=%sADDRESSSELECT value=0 %s onclick='SetAccountAddressVisibility();'>
                              "/> 
                              <Actinic:VAR NAME=ADDRESS_TABLE VALUE="
                                  %s
                                  <TABLE WIDTH=<actinic:variable name="ACTSTDWIDTH" /> BORDER=0 CELLSPACING=0 CELLPADDING=1 BGCOLOR=%s><TR><TD>
                                  <TABLE WIDTH=100%% BORDER=0 CELLSPACING=0 CELLPADDING=4 BGCOLOR=%s>
                                  %s
                                  </TABLE>
                                  </TD></TR></TABLE>
                                  %s
                              "/>
                              <!-- End of B2B address formatting tags -->
                              <Actinic:BOTHADDRESSDETAILS>
                              
                                  <input type="hidden" name="ActCheckoutPhase" value="INVOICE">
                                  <input type="hidden" name="ActCheckoutPhase" value="DELIVER">
                                  <input type="hidden" name="ActCheckoutPhase" value="PRELIM">
                              
                                  <!-- idBothAddressesTable is used by javascript -->
                                  <!-- class InvoiceField is used by javascript -->
                                  <!-- class DeliverField is used by javascript -->
                              
                                  <!-- start of Existing Customer and New Customer fields -->
                              
                                  <div class="checkoutCustomers">
                                      <actinic:block if="%3cactinic%3avariable%20name%3d%22CustomerAccountsCreationPolicy%22%20%2f%3e%20%20%21%3d%200">
                                          <Actinic:NOTINB2B>
                                              <fieldset>
                                                  <label><actinic:variable name="ExistingCustomerTitle" />XXX</label>
                                                  <p><a href="<actinic:variable name="LoginPageURL" />" target="_self"><actinic:variable name="LoginText" /></a></p>
                                              </fieldset>
                                              <fieldset>
                                                  <label><actinic:variable name="NewCustomerTitle" /></label>
                                                  <actinic:variable value="Create an Account RWD" name="CheckoutPrompt" />
                                                  <actinic:variable value="Password for New Customer Account RWD" name="CheckoutPrompt" />
                                              </fieldset>
                                          </actinic:block>
                                      </Actinic:NOTINB2B>
                                          <Actinic:ONLYINB2B><actinic:variable value="Terms and Conditions Agreed RWD" name="CheckoutArea" if="%3cactinic%3avariable%20name%3d%22TermsAgreementRequired%22%20%2f%3e" />    
                                              <div class="checkout">
                                          <actinic:variable value="Keep Details Private RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt015Visible%22%20%2f%3e" /><br class="clearfloat" />
                                               <h2>&nbsp;</h2><br class="clearfloat" /></div></Actinic:ONLYINB2B>
                                  </div>
                                  <!-- end of Existing Customer and New Customer fields -->
                                  <!-- start of the Address fields for both Invoice and Delivery -->
                                  <div id="idBothAddressesTable" class="checkout">
                                      <fieldset>
                                          <actinic:block if="%3cactinic%3avariable%20name%3d%22IsNotPreviewMode%22%20%2f%3e">
                                              <Actinic:ACCOUNT TYPE="ROW">
                                                  <div class="InvoiceField" id="idInvoiceAccountAddresses"><label id="idInvoiceHeader">Invoice Address:</label><Actinic:ACCOUNTINVOICE /></div>
                                                  <div class="DeliverField" id="idDeliverAccountAddresses"><label id="idDeliverHeader">Delivery Address:</label><Actinic:ACCOUNTDELIVER /></div>
                                              </Actinic:ACCOUNT>
                                          </actinic:block>
                                          <Actinic:NOTINB2B><actinic:variable value="Terms and Conditions Agreed RWD" name="CheckoutArea" if="%3cactinic%3avariable%20name%3d%22TermsAgreementRequired%22%20%2f%3e" />    
                                              <div class="checkout">
                                          <actinic:variable value="Keep Details Private RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt015Visible%22%20%2f%3e" /><br class="clearfloat" />
                                               <h2>&nbsp;</h2><br class="clearfloat" /></div></Actinic:NOTINB2B>
                                          <Actinic:ADDRESSES TYPE=INVOICEFORM>
                                              <div id="idSeparateShipRow" <actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt016Visible%22%20%2f%3e%20%3d%3d%200" >style="display: none;"</actinic:block>>
                                                  <div id="idSeparateShipCell" class="InvoiceField">
                                                      <label for="idSEPARATESHIP"><actinic:variable name="InvoicePrompt016" /></label>
                                                      <input type="checkbox" <Actinic:Variable Name="InvoiceSeparateCheckStatus"/> id="idSEPARATESHIP" name="SEPARATESHIP" value="YES" onclick="SetDeliveryAddressVisibility();" tabindex="NETQUOTEVAR:TABINDEXINVOICESEPARATESHIP" style="border: 0;">
                                                  </div>
                                                  <div class="ShowAlways">
                                                      <p class="InvoiceField" id="idInvoiceHeader"><actinic:variable name="InvoiceTitle" /></p>
                                                      <actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt016Visible%22%20%2f%3e">
                                                          <p class="DeliverField" id="idDeliverHeader"><actinic:variable name="DeliverTitle" /></p>
                                                      </actinic:block>
                                                      <actinic:block if="%21%3cactinic%3avariable%20name%3d%22InvoicePrompt016Visible%22%20%2f%3e" >
                                                          <Actinic:ONLYINB2B>
                                                              <p class="DeliverField" id="idDeliverHeader"><actinic:variable name="DeliverTitle" /></p>
                                                          </Actinic:ONLYINB2B>
                                                      </actinic:block>
                                                  </div>
                                              </div>
                              
                                              <actinic:variable value="Moving In One Month RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt013Visible%22%20%2f%3e" />        
                              
                                             <actinic:variable value="Both Addresses Salutation RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt000Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Name RWD" name="CheckoutPrompt" />
                                             <actinic:variable value="Both Addresses Job Title RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt002Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Company Name RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt003Visible%22%20%2f%3e" />
                                             <actinic:block if="%28%3cactinic%3avariable%20name%3d%22ALPInvoiceLookupEnabled%22%20%2f%3e%20%3d%3d%20true%29" >
                                                  <actinic:variable value="Both Addresses Postal Code RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt008Visible%22%20%2f%3e" />
                                             </actinic:block>   
                                             <actinic:variable value="Both Addresses Line 1 RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt004Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Line 2 RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt005Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Line 3 RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt006Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Country RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt009Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Line 4 RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt007Visible%22%20%2f%3e" />
                                             <actinic:block if="%28%3cactinic%3avariable%20name%3d%22ALPInvoiceLookupEnabled%22%20%2f%3e%20%3d%3d%20false%29" >
                                                  <actinic:variable value="Both Addresses Postal Code RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt008Visible%22%20%2f%3e" />
                                             </actinic:block>
                                             <actinic:variable value="Both Addresses Residential RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InfoRequiredForInvoiceResidential%22%20%2f%3e%20%7c%7c%20%3cactinic%3avariable%20name%3d%22InfoRequiredForDeliveryResidential%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Phone RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt010Visible%22%20%2f%3e" />
                                             <actinic:variable name="CheckoutPrompt" value="Both Addresses Mobile RWD" if="%3cactinic%3avariable%20name%3d%22InvoiceMobileVisible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Fax RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt011Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses Email RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt012Visible%22%20%2f%3e%20%7c%7c%20%3cactinic%3avariable%20name%3d%22DeliveryPrompt023Visible%22%20%2f%3e" />
                                             <actinic:variable value="Both Addresses User Defined RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt014Visible%22%20%2f%3e" />
                                             <!--<actinic:variable value="Moving In One Month RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt013Visible%22%20%2f%3e" />
                                             <actinic:variable value="Keep Details Private RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt015Visible%22%20%2f%3e" />-->
                                             <!-- start of the Address fields for both Invoice and Delivery -->
                                              <Actinic:NOTINB2B>
                                                  <div class="checkout">
                                                      <actinic:variable value="Remember Me RWD" name="CheckoutPrompt" if="%3cactinic%3avariable%20name%3d%22InvoicePrompt017Visible%22%20%2f%3e" />
                                                  </div>
                                              </Actinic:NOTINB2B>
                                          </Actinic:ADDRESSES>
                                      </fieldset>
                                  </div>
                              </Actinic:BOTHADDRESSDETAILS>
                              
                              <script type="text/javascript">
                               $(document).ready(function() {
                                SD.Responsive.setResponsiveDeliveryFields(true);
                                SetDeliveryAddressVisibility();
                               });
                              </script>
                              
                              NETQUOTEDEL:INVOICEPHASE
                              Jonathan Chappell
                              Website Designer
                              SellerDeck Website Designer
                              Actinic to SellerDeck upgrades
                              Graphicz Limited - www.graphicz.co.uk

                              Comment


                                #75
                                Originally posted by graphicz View Post
                                Apologies, my earlier htaccess attempt didn't work, this one seems to:

                                Code:
                                <FilesMatch "\.(fil|session|authorise|mail)$">
                                Order Allow,Deny
                                Deny from all
                                </FilesMatch>
                                Without htaccess in the acatalog folder:

                                http://www.graphicz.solutions/gdprcs...log/prompt.fil

                                With the htaccess in the acatalog flder:

                                http://www.graphicz.solutions/gdpr/acatalog/prompt.fil
                                Hi Jonathan,
                                I have created a .htaccess file
                                I have placed it in the acatalog folder online
                                It only contains the above code.
                                The permissions for the file are set to 0644

                                If I try and access prompt.fil then I see this; Forbidden

                                You don't have permission to access /acatalog/prompt.fil on this server.
                                Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.


                                However if I try and access oldaddress.fil a pop up appears in firefox and asks me if I want to open the file or save it. If I click save the file is downloaded.
                                It seems to block the other .fil files I try..
                                Arka Tribal Jewellery

                                Comment

                                Working...
                                X