| Author |
Message |
fasttrakker
Joined: 03 May 2013
Posts: 4
Location: United Kingdom
|
 Posted: Fri Jan 08, 2016 6:55 pm Post subject: Exclude files above webroot |
 |
|
A site I want to use ic24 with caches templates above the webroot. The problem is every time a page is cached it's triggering the protection, disabling that webpage.
The 'Add Trusted Files' setting is useless in this situation, and I cannot edit the code to add the exclusion key to every template cached, it's ioncubed. Is there any way to force an excluded directory or am I simply unable to use ic24?
Great idea thought, has already saved me once from the defacers already, a disgruntled (now former) member of staff. |
|
| Back to top |
|
 |
liaison
ionCube Support
Joined: 16 Dec 2004
Posts: 2788
|
| Posted: Tue Jan 12, 2016 6:35 pm Post subject: |
|
|
Hi
Great news that your site was saved from a hacker by our system!
There is a php.ini setting that may help:
| Code: |
ic24.sec.trusted_include_paths
|
Here's the full documentation from the Loader User Guide.
| Code: |
INI entry: ic24.sec.trusted_include_paths ; no default
Purpose: List paths from where files can be included
and automatically trusted.
Example:
ic24.sec.trusted_include_paths = "/var/cache:/var/cache2"
Directories can be excluded from the list by prefixing
with a minus character `-`. e.g.
"/var/cache:-/var/cache/subdir"
This is useful if your site creates and/or modifies
files by itself from time to time, e.g. in a cache
directory, though we would recommend producing files
that include the exclusion key as an alternative.
Requests that *directly* access files from a trusted
include path will be blocked but the file itself
will not be blocked, so requests that use the file as
intended will still work.
See ioncube24.com for more details once signed up.
|
Note that in the current Loader 5.0.19, paths may not match correctly if there are
any symlinks within the specified paths, but they will if the last component of
a path is a symlink. This is fixed in the upcoming 5.0.20 Loader.
_________________
Community Admin |
|
| Back to top |
|
|
fasttrakker
Joined: 03 May 2013
Posts: 4
Location: United Kingdom
|
| Posted: Tue Jan 12, 2016 10:50 pm Post subject: Douglas |
|
|
Must be my unlucky day.
I tried your suggestion with no success. I also tried moving the templates cache back to the webroot and adding trust there, but I still get warnings for 'new files' every time a new template file is made, which happens every time a page is refreshed.
I'd really love to get this working, but because it's a live domain (WHMCS) I've had to disable blocking and will just have to watch my emails for now.
No symlinks. |
|
| Back to top |
|
|
liaison
ionCube Support
Joined: 16 Dec 2004
Posts: 2788
|
| Posted: Wed Jan 13, 2016 6:12 pm Post subject: |
|
|
The mechanism works so this could be a configuration issue. If you create a support ticket at https://support.ioncube.com and as a start, provide the php.ini file and a link to a phpinfo page in the ticket, support can get back to you with further information.
_________________
Community Admin |
|
| Back to top |
|
|
fasttrakker
Joined: 03 May 2013
Posts: 4
Location: United Kingdom
|
| Posted: Fri Jan 15, 2016 9:26 pm Post subject: |
|
|
Finally got it sorted, with the help of Ben.
Apparently configuration changes weren't being written to the php.ini correctly. I ended up undoing all the changes, completely deleted the domain, rebuilt it from a backup then set ic24 up again.
Exact same settings, with php.ini accepting changes and the template cache above the webroot.
Happy days, And thanks to everyone - really pleased it's sorted  |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
