need help on GEEKLOG
aku baru install geeklog.malangnya aku punya hosting guna PLESK. (windows server).
kalo fantastico tu senang le sikit.
skrg ni dah siap install, aku dpt notis ni :
1- Results of the Security Check
Good! You seem to have removed the install directory already.
2- Your db-config.php is reachable from the web.
This is a security risk and should be fixed!
3- Your logs directory is reachable from the web.
This is a security risk and should be fixed!
4- Your plugins directory is reachable from the web.
This is a security risk and should be fixed!
5- Your system directory is reachable from the web.
This is a security risk and should be fixed!
6- Your backups directory is reachable from the web.
This is a security risk and should be fixed!
7- Your data directory is reachable from the web.
This is a security risk and should be fixed!
8- Good! You seem to have changed the default account password already.
cemana nak fix smua tu ?
aku ada ftp software. tapi nk setkan cemana? ubah permission ke, ubah cemana?
**aku dah baca help file dia tapi dah cuba, dpt error aje. 1# bzzts
Basically files/folders tu semua kena (masa install tu) letak luar dari 'public_html' directory - baru lah takde access dari internet. Security error ni memang selalu berlaku ngan most CMS.
Kalau tu takleh, atau nak install jugak dlm public_html directory, cuba tengok bawah ni:
Installing Geeklog entirely within the web root
As explained in the installation instructions, parts of Geeklog (everything outside of the public_html directory) should be installed such that they are not accessible from a URL (for security reasons). However, some hosting services (typically free or cheap services) won't let you install files outside of the webroot.
In that case, you can still install Geeklog if there is a way to password-protect a directory on your site (usually done through .htaccess and htpasswd files, although some hosting services offer web frontends for those).
Here's what you should do:
1. Upload everything that's in Geeklog's public_html directory onto your site.
2. At the top level, create a new directory (try choosing a not-too-obvious name, i.e. don't just name it "geeklog" ...).
3. Into that directory, copy all the other files and directories that came in the Geeklog tarball.
4. Password-protect that directory!
5. Edit your config.php as per the installation instructions.
6. Make sure that $_CONF['path_html'] points to your webroot, i.e. the directory where you copied the contents of public_html. Use the full path instead of specifying the path relative to $_CONF['path'], i.e. the line should look like
$_CONF['path_html'] = '/path/to/your/webroot/';
7. Also make sure that $_CONF['path'] points to the directory you created above, i.e. to the directory that contains the config.php file.
8. Proceed with the installation as per the instructions.
If you can not password-protect the directory, you could still install and run Geeklog, but it wouldn't be a very secure installation. You may be better off using another hosting service ... adeh... failed aku bila tengok instruction tu :lol: 3# bzzts
Untuk senang, aku suggest ko reinstall semula. MySQL tu takyah buat baru.
1. Upload apa yang patut ke public_html directory.
2. Yang lelain tu (yg benda2 listed as security risks tu) letak kat sama level ngan directory public_html tu - create new directory and bagi apa2 nama ko suka... sebagai contoh guna nama 'bzzts'.
3. Masa installation tu, wizard tu akan (sepatutnya) cari directories/files yg di uploaded ke 'bzzts' tu. Feature ni memang standard for most current CMS installations. Tapi kalaulah wizard tu tak jumpa, dia akan tanya... time tu ko point it ke directory 'bzzts' tu.
Aku confident ni akan berjaya and takde dah security alerts tu.
Sebenarnya aku tak pernah guna Geeklog ni, tapi benda/issue ni memang standard ngan some CMS... macam Xoops - error message sama kuar masa aku install semua kat public_html folder tu... bila dah pindah kuar (and edit2 sket certain files), tak kuar dah security alerts tu. Reply 4# 0001
thanks. rupanya senang je.
cuma aku je tak nampak part errror tu duk tang mana... hehe... :p
Pages:
[1]