Announcement

Collapse
No announcement yet.

security leak

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    security leak

    bb pl can read any file on server, ss pl has some limited capability as bb. very dangerous!

    what setting can i do at apache side to prevent certain files/directories being accessed by these pl scripts? basically files/directories not generated by actinic should be denied access from these pl

    thanks
    Tags: None
    #2
    An,

    I am running this past development for you.

    Kind regards,
    Bruce King
    SellerDeck

    Comment

      #3
      thanks!

      i think majority of actinic sites are not affected by this leak unless the owner has done some extensions as i did.

      my actinic site strictly speaking became a hybrid. that's why many of my questions are beyond actinic

      Comment

        #4
        Hi,

        I come back to this thread because I have a new idea. As far as I am concerned, I am extending Actinic site with php scripts, but php tags would not work if included by pl scripts (e.g. search results, logged in status). Is it possible to setup apache to parse these php tags before rendering pages to client browser? In another words, double parse these scripts by perl and php? I tried to change Actinic perl extension to php but it would not work.

        thanks

        Comment

        Previous template Next
        Working...
        X