Want to subscribe to topics you're interested in?
Become a Member

IP.Board IPB v4.1.x Files

Discussion in 'Forum software usage' started by Jimmy, Nov 9, 2015.

  1. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
    Just a note: I've updated the vhost conf file on gist and will probably be adding more as I add more applications to the suite.

     
  2. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    Running 5.6.22 due to that problem
     
  3. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    Whats changed in the conf file ? rewrite urls ? :)
     
  4. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
    Not too much. I just need to add some extras for the applications being that the interface * location does like the * so I have to add them manually.
     
  5. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:44 PM
    Good stuff @Jimmy ! Any reason you didn't opt for the consolidated allow/deny as @Ahmad posted about here?
    IPB v4.1.x Files

    Also, re php 7.0.7, there are a couple bugs now being reported on IPB forums being caused by PHP 7, one is the menu on the private message system, and another I saw about bulk email, IPB devs blamed PHP 7 last I saw.
     
  6. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
  7. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:44 PM
    I see the allows you can also do the deny in one block too.
     
  8. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
    Yea, I guess I could do those too. Good point. I'll do those later to consolidate things. ;)
     
  9. Ahmad

    Ahmad Active Member

    209
    80
    28
    Apr 13, 2015
    Ratings:
    +150
    Local Time:
    4:44 AM
    1.9.9
    10.1.10
    I ended up removing the deny rules. You'd have to do that for all 3rd party apps you install too btw.
    The php files already deny direct access so I don't think the deny rules are really needed.
     
  10. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
    Yea, Makoto only has 2 denies in his conf file: uploads and datastore. But I'd rather have those denies there just in-case, unless it was proving to be a problem with the software. Maybe I'm overcautious.
     
  11. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:44 PM
    Agree, can't hurt anything.
     
  12. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    You could put # notes next to each line so users can comment out if problems with a note that datastore and downloads are the two main ones
     
  13. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    @Jimmy

    Have you got the latest (this is for htaccess) ipb recommendation in your config (IPS 4.14.1.3) ?

    Code:
    #<ipb-protection>
    <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
        Order allow,deny
        Deny from all
    </Files>
    #</ipb-protection>
     

    Attached Files:

  14. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    Makoto commented on the apache notes here
     
  15. eva2000

    eva2000 Administrator Staff Member

    54,546
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    1:44 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    @Jimmy FYI was checking your latest revision of IP4 Centmin Mod Nginx rules at Invision Power Board v4 Nginx configuration file for use with Centminmod. ยท GitHub and you can remove this part for HPKPs

    Code (Text):
        # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains.
        # You'd want to include subdomains if you're using SSL wildcard certificates
        # include subdomain
        # add_header Public-Key-Pins 'pin-sha256="kUtRfCe0JWOz1gw4DOGvf15QCfSLkIrlu+eOpf/PFOg="; pin-sha256="7nF+BczNEgtaZKE9fU80QwigQ+9Ip5S4AhR8CYM/U70="; max-age=86400; includeSubDomains';
        # exclude subdomains
        # add_header Public-Key-Pins 'pin-sha256="kUtRfCe0JWOz1gw4DOGvf15QCfSLkIrlu+eOpf/PFOg="; pin-sha256="7nF+BczNEgtaZKE9fU80QwigQ+9Ip5S4AhR8CYM/U70="; max-age=86400';
     
  16. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    10:44 PM
    @eva2000 thanks.

    @cloud9 I'm still down - working off a laptop. Hopefully, I'll be back online in the next week and be able to take a look at the files as I will be upgrading my forum when I get back online.
     
  17. cloud9

    cloud9 Premium Member Premium Member

    431
    117
    43
    Oct 6, 2015
    England
    Ratings:
    +217
    Local Time:
    3:44 AM
    1.25.3
    10.6.x
    @Jimmy Good news, how come the outage ? net problems ? Good to hear from you again man ;)
     
  18. eva2000

    eva2000 Administrator Staff Member

    54,546
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    1:44 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  19. eva2000

    eva2000 Administrator Staff Member

    54,546
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    1:44 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  20. pamamolf

    pamamolf Premium Member Premium Member

    4,084
    428
    83
    May 31, 2014
    Ratings:
    +834
    Local Time:
    5:44 AM
    Nginx-1.25.x
    MariaDB 10.3.x
    I think also this one must be commented :

    Code:
        # Prevent access to ./directories and files
        location ~ (?:^|/)\. {
            deny all;
    }