[pmwiki-users] Problem with securing my website using login for updating
IchBin
weconsul at ptd.net
Fri Jan 12 13:33:11 CST 2007
IchBin wrote:
> IchBin wrote:
>> This has never happened before but here goes. I just moved my website to
>> a new hosting site. I just entered a bad admin login name and correct
>> password. It let me open up that page for editing. So I tried to enter a
>> makeup userid and makeup password. It let me open up the editor for
>> editing that page. I am not sure how this is happening.
>>
>> I just noticed that I had 30 user on my website. I just put a .htaccess
>> file in the root to block anyone until I get this problem fixed.
>>
>> Nothing have changed I have this:
>>
>> - this in my config:
>> $DefaultPasswords['admin']='$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.';
>> $DefaultPasswords['attr']= '$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.';
>> $DefaultPasswords['edit']= '$1$Pw1cjg06$9VgqESpEGt1WLCJPgr/3J.';
>> $HandleAuth['diff'] = 'edit';
>>
>> - authuser plugin
>>
>> The only thing I can think of is that per a question I had here the
>> other day in another thread "Problems adding my pmWiki to a different ISP".
>>
>> I modify the permissions of wiki.d/ so they're 777 instead of 775.
>>
>>
>
>
> I am running pmwiki-2.2.0-beta19 Version Number 2001919
>
> The website, that I FTP'ed to the new Host site at weconsul.zendurl.com,
> is working on my windows pc. The page login is checking correctly.
>
Naturally, this was my problem, as all knew, with the security setting
at the dir and file levels. I have been away from unix\linux os's for a
long time. I found the CHMOD "777 ." but could not enter it via my FTP
program.
I finally found that "slightly more secure" reference. I could not
understand the 's' in [drwxrwsr-x] for wiki.d. I found the CHMOD of
'2777', and applied it. I wish that when I was pointed to "slightly more
secure", which I found hard to find, they mentioned the CHMOD of '2777'.
--
Thanks in Advance... http://weconsul.zendurl.com
IchBin, Pocono Lake, Pa, USA http://ichbinquotations.awardspace.com
______________________________________________________________________
'If there is one, Knowledge is the "Fountain of Youth"'
-William E. Taylor, Regular Guy (1952-)
More information about the pmwiki-users
mailing list